Page 3 of 39 results (0.004 seconds)

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-30775 – libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c

https://notcve.org/view.php?id=CVE-2023-30775

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. • https://access.redhat.com/security/cve/CVE-2023-30775 https://bugzilla.redhat.com/show_bug.cgi?id=2187141 https://gitlab.com/libtiff/libtiff/-/issues/464 https://security.netapp.com/advisory/ntap-20230703-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

CVE-2023-1916

https://notcve.org/view.php?id=CVE-2023-1916

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. • https://gitlab.com/libtiff/libtiff/-/issues/536 https://gitlab.com/libtiff/libtiff/-/issues/536%2C https://gitlab.com/libtiff/libtiff/-/issues/537 https://support.apple.com/kb/HT213844 • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-4645 – libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c

https://notcve.org/view.php?id=CVE-2022-4645

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. A flaw was found in tiffcp, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the tiffcp function in tools/tiffcp.c, resulting in a denial of service and limited information disclosure. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246 https://gitlab.com/libtiff/libtiff/-/issues/277 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZTFA6GGOKFPIQNHDBMXYUR4XUXUJESE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA6GRCAQ7NR2OK5N44UQRGUJBIYKWJJH https://lists.fedoraproject.org/archives/list/package-announce%40lists.f • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-0795 – libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c

https://notcve.org/view.php?id=CVE-2023-0795

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclosure. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68 https://gitlab.com/libtiff/libtiff/-/issues/493 https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html https://security.gentoo.org/glsa/202305-31 https://security.netapp.com/advisory/ntap-20230316-0003 https://www.debian.org/security/2023/dsa-5361 https://access.redhat.com/security/cve/CVE-2023-0795 https: • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-0796 – libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c

https://notcve.org/view.php?id=CVE-2023-0796

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclosure. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68 https://gitlab.com/libtiff/libtiff/-/issues/499 https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html https://security.gentoo.org/glsa/202305-31 https://security.netapp.com/advisory/ntap-20230316-0003 https://www.debian.org/security/2023/dsa-5361 https://access.redhat.com/security/cve/CVE-2023-0796 https: • CWE-125: Out-of-bounds Read •