Libtiff

Libtiff

258 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2023-6228

  • EPSS 0.02%
  • Veröffentlicht 18.12.2023 14:15:11
  • Zuletzt bearbeitet 21.11.2024 08:43:24

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.

6.5

CVE-2023-6277

Exploit
  • EPSS 0.42%
  • Veröffentlicht 24.11.2023 19:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:31

An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.

5.5

CVE-2023-3164

  • EPSS 0.01%
  • Veröffentlicht 02.11.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 08:16:36

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.

6.5

CVE-2023-40745

  • EPSS 0.35%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:20:03

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

6.5

CVE-2023-41175

  • EPSS 0.26%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 04.12.2024 08:15:05

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based...

5.5

CVE-2023-3576

  • EPSS 0.03%
  • Veröffentlicht 04.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:17:35

A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an a...

6.5

CVE-2022-40090

Exploit
  • EPSS 0.01%
  • Veröffentlicht 22.08.2023 19:16:23
  • Zuletzt bearbeitet 21.11.2024 07:20:50

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

5.5

CVE-2020-18768

Exploit
  • EPSS 0.02%
  • Veröffentlicht 22.08.2023 19:15:55
  • Zuletzt bearbeitet 21.11.2024 05:08:48

There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file.

6.5

CVE-2023-3618

  • EPSS 0.2%
  • Veröffentlicht 12.07.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:17:40

A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.

5.5

CVE-2023-2908

Exploit
  • EPSS 0.02%
  • Veröffentlicht 30.06.2023 22:15:10
  • Zuletzt bearbeitet 21.11.2024 07:59:32

A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an app...