Libtiff

Libtiff

258 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-0908

Exploit
  • EPSS 0.06%
  • Veröffentlicht 11.03.2022 18:15:27
  • Zuletzt bearbeitet 21.11.2024 06:39:38

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

5.5

CVE-2022-0907

Exploit
  • EPSS 0.08%
  • Veröffentlicht 11.03.2022 18:15:26
  • Zuletzt bearbeitet 21.11.2024 06:39:38

Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.

7.1

CVE-2022-0891

Exploit
  • EPSS 0.05%
  • Veröffentlicht 10.03.2022 17:44:58
  • Zuletzt bearbeitet 21.11.2024 06:39:36

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential in...

6.5

CVE-2022-0865

Exploit
  • EPSS 0.07%
  • Veröffentlicht 10.03.2022 17:44:57
  • Zuletzt bearbeitet 21.11.2024 06:39:33

Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.

5.5

CVE-2022-0561

Exploit
  • EPSS 0.1%
  • Veröffentlicht 11.02.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:38:55

Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, t...

5.5

CVE-2022-0562

Exploit
  • EPSS 0.06%
  • Veröffentlicht 11.02.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:38:55

Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix...

5.5

CVE-2022-22844

Exploit
  • EPSS 0.09%
  • Veröffentlicht 10.01.2022 14:12:58
  • Zuletzt bearbeitet 21.11.2024 06:47:33

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

7.8

CVE-2020-35524

  • EPSS 0.49%
  • Veröffentlicht 09.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:29

A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, in...

5.5

CVE-2020-35521

  • EPSS 0.1%
  • Veröffentlicht 09.03.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:27:29

A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.

5.5

CVE-2020-35522

  • EPSS 0.06%
  • Veröffentlicht 09.03.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:27:29

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.