Libtiff

Libtiff

261 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-2868

  • EPSS 0.03%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.

5.5

CVE-2022-2869

  • EPSS 0.03%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into op...

6.5

CVE-2022-34526

Exploit
  • EPSS 0.2%
  • Veröffentlicht 29.07.2022 23:15:08
  • Zuletzt bearbeitet 21.11.2024 07:09:42

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.

5.5

CVE-2022-34266

  • EPSS 0.14%
  • Veröffentlicht 19.07.2022 20:15:11
  • Zuletzt bearbeitet 30.09.2025 13:40:08

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passe...

6.5

CVE-2022-2056

Exploit
  • EPSS 0.1%
  • Veröffentlicht 30.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:00:14

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

6.5

CVE-2022-2057

Exploit
  • EPSS 0.1%
  • Veröffentlicht 30.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:00:14

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

6.5

CVE-2022-2058

Exploit
  • EPSS 0.1%
  • Veröffentlicht 30.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:00:14

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

5.5

CVE-2022-1622

Exploit
  • EPSS 0.1%
  • Veröffentlicht 11.05.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:41:06

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.

5.5

CVE-2022-1623

Exploit
  • EPSS 0.12%
  • Veröffentlicht 11.05.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:41:07

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.

6.5

CVE-2022-1210

Exploit
  • EPSS 0.05%
  • Veröffentlicht 03.04.2022 09:15:09
  • Zuletzt bearbeitet 21.11.2024 06:40:15

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user int...