10 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of limits on the size of PackBits-compressed data during decompression. An attacker can cause excessive resource consumption by submitting a specially crafted image...
CVE-2026-33809
A flaw was found in golang.org/x/image/tiff. A remote attacker could exploit this vulnerability by providing a maliciously crafted Tagged Image File Format TIFF file. This could cause the image decoding process to attempt to allocate up to 4 gigabytes GiB of memory. The excessive resource...
CVE-2026-33809 OOM from malicious IFD offset in golang.org/x/image/tiff
A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...
AZL-31096 CVE-2023-40745 affecting package libtiff for versions less than 4.6.0-1
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...
CVE-2023-29408 Excessive resource consumption in golang.org/x/image/tiff
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...
GO-2023-1989 Excessive resource consumption in golang.org/x/image/tiff
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...
The vulnerability of the EXIF extension in the PHP programming language interpreter allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the PHP interpreter extension arises due to buffer overflows. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure through a JPEG image containing TIFF data...
DEBIAN-CVE-2019-9143
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...
Computerinsel Photoline TIFF parsing function memory corruption vulnerability (CNVD-2018-08685)
PhotoLine is a multipurpose image and graphics editor. A memory corruption vulnerability exists in the TIFF parsing feature in Computerinsel Photoline 20.53. An attacker can exploit this vulnerability to cause out-of-bounds writes and overwrite arbitrary data via specially crafted TIFF images,...
Apple iOS MobileSafari LibTIFF Buffer Overflow
Exploit for hardware platform in category remote exploits $Id: safarilibtiff.rb 15950 2012-10-09 18:31:08Z rapid7 $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing...