Libtiff

Libtiff

261 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-7006

  • EPSS 0.62%
  • Veröffentlicht 12.08.2024 13:38:40
  • Zuletzt bearbeitet 03.11.2025 21:18:47

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentatio...

7.5

CVE-2023-52356

  • EPSS 0.72%
  • Veröffentlicht 25.01.2024 20:15:39
  • Zuletzt bearbeitet 27.02.2026 17:16:21

A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

7.5

CVE-2023-52355

Exploit
  • EPSS 1.31%
  • Veröffentlicht 25.01.2024 20:15:38
  • Zuletzt bearbeitet 27.02.2026 17:16:20

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 ...

3.3

CVE-2023-6228

  • EPSS 0.02%
  • Veröffentlicht 18.12.2023 14:15:11
  • Zuletzt bearbeitet 21.11.2024 08:43:24

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.

6.5

CVE-2023-6277

Exploit
  • EPSS 3.75%
  • Veröffentlicht 24.11.2023 19:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:31

An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.

5.5

CVE-2023-3164

  • EPSS 0.01%
  • Veröffentlicht 02.11.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 08:16:36

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.

6.5

CVE-2023-40745

  • EPSS 0.34%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:20:03

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

6.5

CVE-2023-41175

  • EPSS 0.34%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 04.12.2024 08:15:05

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based...

5.5

CVE-2023-3576

  • EPSS 0.02%
  • Veröffentlicht 04.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:17:35

A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an a...

6.5

CVE-2022-40090

Exploit
  • EPSS 0.01%
  • Veröffentlicht 22.08.2023 19:16:23
  • Zuletzt bearbeitet 21.11.2024 07:20:50

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.