Lucene search

K
osvGoogleOSV:USN-6428-1
HistoryOct 11, 2023 - 3:45 a.m.

tiff vulnerability

2023-10-1103:45:38
Google
osv.dev
4
security
image processing
denial of service

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.6%

It was discovered that LibTIFF could be made to read out of bounds when
processing certain malformed image files with the tiffcrop utility. If a
user were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service.

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.6%