Search CVE reports
71 – 80 of 260 results
CVE-2022-22844
Negligible prioritySome fixes available 4 of 6
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Fixed | Fixed | Fixed |
CVE-2020-19144
Negligible priorityBuffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Not affected | Fixed | Fixed |
CVE-2020-19143
Medium priorityBuffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'.
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Fixed | Not affected | Not affected |
CVE-2020-19131
Negligible priorityBuffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Not affected | Fixed | Fixed |
CVE-2020-35522
Negligible prioritySome fixes available 4 of 5
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Fixed | Fixed | Fixed |
CVE-2020-35521
Negligible prioritySome fixes available 4 of 5
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Fixed | Fixed | Fixed |
CVE-2020-35524
Medium priorityA heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to...
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Fixed | Fixed | Fixed |
CVE-2020-35523
Medium priorityAn integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this...
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Fixed | Fixed | Fixed |
CVE-2019-17546
Medium prioritySome fixes available 5 of 56
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param"...
17 affected packages
blender, chromium-browser, gdal, insighttoolkit4, ivtools...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| blender | Not affected | Not affected | Not affected | Not affected | Not affected |
| chromium-browser | Not affected | Not affected | Not affected | Not affected | Not affected |
| gdal | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Not affected |
| ivtools | Not affected | Not affected | Not affected | Not affected | Not affected |
| libtk-img | Not affected | Not affected | Not affected | Not affected | Not affected |
| neuron | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
| povray | Not affected | Not affected | Not affected | Not affected | Not affected |
| qt4-x11 | Not in release | Not in release | Not in release | Not affected | Not affected |
| qtimageformats-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| sfftobmp | Not affected | Not affected | Not affected | Not affected | Not affected |
| texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not affected |
| tiff | Not affected | Not affected | Not affected | Fixed | Fixed |
| xloadimage | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-14973
Low priority_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to...
1 affected packages
tiff
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tiff | — | Not affected | Not affected | Fixed | Fixed |