Important: Red Hat Security Advisory: compat-libtiff3 security update

An update for compat-libtiff3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

JLSEC-2025-267 Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service vi...

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4...

Linux Distros Unpatched Vulnerability : CVE-2019-7663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the...

Linux Distros Unpatched Vulnerability : CVE-2024-13978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2preadtiffinit of the fil...

PT-2025-31878 · Libtiff +2 · Libtiff +2

Name of the Vulnerable Software and Affected Versions: libtiff version 4.6.0 Description: A problematic issue exists in libtiff due to a null pointer dereference in the PS Lvl2page function within the tiff2ps component file tools/tiff2ps.c. The issue occurs when the DEFER STRILE LOAD option is...

AZL-27678 CVE-2023-3618 affecting package libtiff for versions less than 4.5.1-1

A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tiffax3.c, resulting in a denial of service...

DEBIAN-CVE-2023-25433

libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage in tiffcrop cause heap-buffer-overflow and SEGV...

PT-2023-4695 · Libtiff +3 · Libtiff +3

Name of the Vulnerable Software and Affected Versions: libtiff version 4.5.0 Description: The issue is caused by a buffer overflow on the stack in the extractContigSamplesShifted8bits function of the LibTIFF library, located in /libtiff/tools/tiffcrop.c. This can allow an attacker to cause a deni...

AZL-44253 CVE-2023-30086 affecting package openjpeg2 2.3.1-12

Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c...

CVE-2022-4645

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125...

SUSE CVE-2015-7554

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

SUSE CVE-2016-3621

The LZWEncode function in tiflzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

SUSE CVE-2020-19131

Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage" function in the component "tiffcrop"...

PT-2023-4913 · Libtiff +9 · Libtiff +9

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds write in the tiffcrop utility, located in tools/tiffcrop.c:3516, which can be exploited by attackers to cause a denial-of-service via a crafted tiff file...

PT-2023-4914 · Libtiff +9 · Libtiff +9

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds write in the tiffcrop utility, located in tools/tiffcrop.c:3609, which can be exploited to cause a denial-of-service via a crafted tiff file. This can allow attackers...

PT-2023-4912 · Libtiff +9 · Libtiff +9

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds write in the tiffcrop utility, located in tools/tiffcrop.c:3724, which can be exploited by attackers to cause a denial-of-service via a crafted tiff file...

PT-2023-4908 · Libtiff +6 · Libtiff +6

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds read in the tiffcp utility, located in tools/tiffcp.c:948, which can be exploited by attackers to cause a denial-of-service via a crafted tiff file. This can lead to ...

PT-2022-6889 · Libtiff +7 · Libtiff +7

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds read in the writeSingleSection function of the LibTIFF library, which can be exploited by attackers to cause a denial-of-service via a crafted tiff file...

PT-2022-6886 · Libtiff +7 · Libtiff +7

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds write in the TIFFmemset function, allowing attackers to cause a denial-of-service via a crafted tiff file. This can be triggered when the TIFFmemset function is calle...

AZL-10441 CVE-2022-34526 affecting package libtiff for versions less than 4.4.0-3

A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...