Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 368 of libtiff/tifunix.c. This vulnerability is invoked by lines 2903 and 6921 in tools/tiffcrop.c. This allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...

CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c...

CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c...

JLSEC-2025-306 loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a craft...

loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...

JLSEC-2025-299 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to...

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127...

JLSEC-2025-277 libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read ...

libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libtiff (UTSA-2025-680599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680599 advisory. LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemset in libtiff/tifunix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to...

EUVD-2023-12802

Malicious code in bioql PyPI...

CVE-2025-8851 LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stack-based overflow

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...

LibTIFF Buffer Error Vulnerability

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. LibTIFF suffers from a buffer error vulnerability that stems from a heap-based buffer overflow vulnerability found in extractImageSection in...

The vulnerability of the extractContigSamplesShifted8bits() function in the component/libtiff/tools/tiffcrop.c library of LibTIFF, which allows a malicious actor to cause a service failure.

The vulnerability of the extractContigSamplesShifted8bits function in the component /libtiff/tools/tiffcrop.c of the LibTIFF library is caused by a buffer overflow on the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

LibTIFF 安全漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. A security vulnerability exists in LibTIFF version 4.5.0, which stems from a buffer overflow vulnerability in /libtiff/tools/tiffcrop.c. The...

PT-2023-4825 · Libtiff +9 · Libtiff +9

Name of the Vulnerable Software and Affected Versions: libtiff version 4.5.0 Description: The issue is related to a buffer overflow in the rotateImage function of the libtiff library. This overflow can cause a heap-buffer-overflow and SEGV. The vulnerability may allow an attacker to cause a denia...

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

...

SUSE CVE-2023-25434

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes at /libtiff/tools/tiffcrop.c:3215...

DEBIAN-CVE-2023-26965

loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...

UBUNTU-CVE-2023-26965

loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit 33aee127.

...

SUSE CVE-2016-3991

Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted TIFF image with zero tiles...

SUSE CVE-2023-0804

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127...