Vulnerabilities > Libtiff > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-29 | CVE-2023-26966 | Classic Buffer Overflow vulnerability in Libtiff 4.5.0 libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | 5.5 |
| 2023-06-21 | CVE-2023-25435 | Classic Buffer Overflow vulnerability in Libtiff 4.5.0 libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753. | 5.5 |
| 2023-06-19 | CVE-2023-3316 | NULL Pointer Dereference vulnerability in Libtiff A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. | 6.5 |
| 2023-06-14 | CVE-2023-26965 | Out-of-bounds Write vulnerability in Libtiff loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. | 5.5 |
| 2023-05-19 | CVE-2023-30774 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in the libtiff library. | 5.5 |
| 2023-05-19 | CVE-2023-30775 | Out-of-bounds Write vulnerability in Libtiff 4.4.0 A vulnerability was found in the libtiff library. | 5.5 |
| 2023-05-17 | CVE-2023-2731 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. | 5.5 |
| 2023-05-09 | CVE-2023-30086 | Out-of-bounds Write vulnerability in Libtiff 4.0.7 Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | 5.5 |
| 2023-04-10 | CVE-2023-1916 | Out-of-bounds Read vulnerability in Libtiff A flaw was found in tiffcrop, a program distributed by the libtiff package. | 6.1 |
| 2023-03-03 | CVE-2022-4645 | Out-of-bounds Read vulnerability in Libtiff LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |