libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.

References

gitlab.com/libtiff/libtiff/-/issues/520

gitlab.com/libtiff/libtiff/-/merge_requests/467

lists.debian.org/debian-lts-announce/2023/07/msg00034.html

cbl_mariner 2

prion 1

ubuntucve 1

veracode 1

osv 6

cve 1

redhatcve 1

nvd 1

debiancve 1

openvas 16

nessus 25

amazon 1

cloudfoundry 1

redhat 3

rocky 1

almalinux 1

oraclelinux 1

photon 2

ubuntu 2

mageia 1

debian 1

ibm 2

hp 1

cbl_mariner

CVE-2023-25433 affecting package libtiff for versions less than 4.5.1-1

2023-08-03 02:51:21

CVE-2023-25433 affecting package libtiff 4.5.0-3

2023-07-28 23:16:55

prion

Heap overflow

2023-06-29 20:15:00

ubuntucve

CVE-2023-25433

2023-06-29 00:00:00

veracode

Heap-based Buffer Overflow

2023-07-11 13:11:55

osv

CVE-2023-25433

2023-06-29 20:15:09

tiff vulnerabilities

2023-07-13 17:32:04

Moderate: libtiff security update

2024-08-21 14:52:31

cve

CVE-2023-25433

2023-06-29 20:15:09

redhatcve

CVE-2023-25433

2023-07-10 15:20:56

nvd

CVE-2023-25433

2023-06-29 20:15:09

debiancve

CVE-2023-25433

2023-06-29 20:15:09

openvas

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1939)

2024-07-16 00:00:00

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1985)

2024-07-19 00:00:00

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1966)

2024-07-16 00:00:00

nessus

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2024-1593)

2024-05-09 00:00:00

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2024-1571)

2024-05-09 00:00:00

EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2024-2003)

2024-07-18 00:00:00

amazon

Medium: libtiff

2023-09-27 22:48:00

cloudfoundry

USN-6229-1: LibTIFF vulnerabilities | Cloud Foundry

2023-08-10 00:00:00

redhat

(RHSA-2024:5079) Moderate: libtiff security update

2024-08-07 10:56:05

(RHSA-2024:5439) Important: OpenShift Container Platform 4.15.28 bug fix and security update

2024-08-22 11:37:18

(RHSA-2024:5444) Important: OpenShift Container Platform 4.13.48 bug fix and security update

2024-08-22 11:37:56

rocky

libtiff security update

2024-08-21 14:52:31

almalinux

Moderate: libtiff security update

2024-08-07 00:00:00

oraclelinux

libtiff security update

2024-08-07 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2023-3.0-0607

2023-07-04 00:00:00

Important Photon OS Security Update - PHSA-2023-5.0-0044

2023-07-05 00:00:00

ubuntu

LibTIFF vulnerabilities

2023-07-13 00:00:00

LibTIFF vulnerabilities

2023-08-15 00:00:00

mageia

Updated libtiff packages fix security vulnerability

2023-09-11 16:07:54

debian

[SECURITY] [DLA 3513-1] tiff security update

2023-07-31 23:56:20

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service and loss of confidentiality due to multiple vulnerabilities in libtiff

2023-07-27 15:49:30

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

2024-06-03 19:44:41

HP ThinPro 8.0 SP 8 Security Updates

2024-03-01 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

19.5%

JSON

Related for CVELIST:CVE-2023-25433