17 matches found
Advisory ROSA-SA-2025-2657
software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0 CVE-ID: CVE-2022-4645 BDU-ID: 2023-05401 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the tiffcrop utility tools/tiffcp.c:948 of the libtiff library involves reading beyond buffer boundaries in memory. Exploitation of the...
openSUSE: Security Advisory for tiff (SUSE-SU-2023:4370-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2023-2918)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 -...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-3135)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : tiff (SUSE-SU-2023:4371-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4371-1 advisory. - CVE-2023-38289: Fixed a NULL pointer dereference in raw2tiff bsc1213589. - CVE-2023-38288: Fixed an integer overflow in raw2tiff...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-3101)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BELL-CVE-2023-2908
Bulletin has no description...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2937)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2918)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2881)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2813)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6290-1: LibTIFF vulnerabilities
It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a...
Debian: Security Advisory (DLA-3513-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-2908 affecting package libtiff 4.5.0-3
CVE-2023-2908 affecting package libtiff 4.5.0-3. An upgraded version of the package is available that resolves this issue...
CVE-2023-2908
A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...
CVE-2023-2908 Libtiff: null pointer dereference in tif_dir.c
A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...
CVE-2023-2908
CVE-2023-2908 is a NULL pointer dereference in libtiff's tif_dir.c affecting LibTIFF (tiffcp/tiffcrop processing). The impact is denial of service via an application crash when handling crafted TIFFs. Public fixes exist: Debian reports patch in 4.2.0-1+deb11u6; IBM-related advisory for Data produ...