6531 matches found
CVE-2026-46602
The CVE affects the TIFF decoder in golang.org/x/image, where the tile size limit is not enforced. This can enable a malicious or corrupted TIFF image with very large tiles to drive unbounded memory consumption. The provided documents describe the vulnerability and its impact; they do not specify...
Astra Linux – Vulnerability in TIF format
A buffer overflow in LibTiff v4.0.10 allows attackers to cause a denial of service through the “TIFFVGetField” function in the component ‘libtiff/tifdir.c’...
Astra Linux – Vulnerability in TIF format
LibTIFF 4.3.0 has an out-of-bounds read issue in TIFFmemcpy in tifunix.c, especially in situations where a custom tag is used, and 0x0200 is the second value in the DE field...
Astra Linux – Vulnerability in TIF format
Libtiff 4.5.0 is vulnerable to a Buffer Overflow issue through the extractContigSamplesBytes function at /libtiff/tools/tiffcrop.c:3215...
Astra Linux – Vulnerability in TIF format
A heap-based buffer overflow flaw was discovered in libtiff, particularly in the handling of TIFF images using libtiff’s TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The greatest threat posed by this vulnerability relates to confidentiality, integrity, and...
Astra Linux – Vulnerability in TIF format
An integer overflow flaw was discovered in libtiff, which resides in the tifgetimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The greatest threat posed by this vulnerability relates to confidentiality, integrity, and system...
Astra Linux – Vulnerability in cups-filters
CUPS is a standards-based, open-source printing system. libcupsfilters contains the code for the filters from the former cups-filters package, as library functions used for data format conversion tasks in Printer Applications. In CUPS-Filters versions up to and including 1.28.17, and...
Astra Linux – Vulnerability in exiv2
There is a vulnerable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26, which can lead to a remote denial-of-service attack due to malicious input...
Astra Linux – Vulnerability in TIF format
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or potentially execute arbitrary code through a crafted TIFF image, which triggers a heap-based buffer overflow...
Linux Distros Unpatched Vulnerability : CVE-2026-36849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - tiff - None Ubuntu Linux - Denial of Service via large SamplesPerPixel tag CVE-2026-36849 Note that Nessus relies on the presence of the package ...
libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...
Important: Red Hat Security Advisory: libtiff security update
An update for libtiff is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)
According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...
RHEL 7 : compat-libtiff3 (RHSA-2026:24992)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:24992 advisory. The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF Tagged Image File Format image format files. This...
Important: Red Hat Security Advisory: compat-libtiff3 security update
An update for compat-libtiff3 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Arbitrary File Upload
Overview: Affected versions of this package are vulnerable to Arbitrary File Upload through the image decoding process. An attacker can cause the server process to crash by uploading a specially crafted TIFF file that triggers excessive memory allocation. Remediation: Upgrade...
CVE-2026-33582
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation during image decoding, allowing an authenticated user to cause the server process to crash. Users are...
CVE-2026-33582 Apache Answer: Uploading specially crafted TIFF files causes an Out-of-Memory error
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation during image decoding, allowing an authenticated user to cause the server process to crash. Users are...