40 matches found
MiracleLinux 8 : libtiff-4.0.9-28.el8 (AXSA:2023-6178:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6178:06 advisory. libtiff: heap-based buffer overflow in processCropSelections in tools/tiffcrop.c CVE-2022-48281 Tenable has extracted the preceding description block directl...
TencentOS Server 3: libtiff (TSSA-2023:0191)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0191 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2022-48281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow e.g., WRITE of size 307203 via a crafted TIFF image...
Important: libtiff
Issue Overview: Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...
openSUSE: Security Advisory for tiff (SUSE-SU-2023:0342-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-364)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-364 advisory. LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that...
BELL-CVE-2022-48281 CVE-2022-48281 does not affect BellSoft software
Bulletin has no description...
USN-6290-1: LibTIFF vulnerabilities
It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a...
libtiff security update
4.0.9-28 - Fix CVE-2022-48281 - Resolves: CVE-2022-48281...
Oracle Linux 8 : libtiff (ELSA-2023-3827)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3827 advisory. - Fix CVE-2022-48281 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
Moderate: Red Hat Security Advisory: libtiff security update
An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 8 : libtiff (RHSA-2023:3827)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3827 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: heap-based buffer...
ALSA-2023:3827 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: heap-based buffer overflow in processCropSelections in tools/tiffcrop.c CVE-2022-48281 For more details about the security issues, including the impact, a CVSS score,...
RHEL 9 : libtiff (RHSA-2023:3711)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3711 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: heap-base...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2157)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : libtiff (EulerOS-SA-2023-1783)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1761)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : libtiff (EulerOS-SA-2023-1761)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1555)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-1530)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of...