CVE search results

1 – 10 of 260 results

Detailed view

Sort by:

CVE-2024-7006

Medium priority

Some fixes available 7 of 23

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults,...

5 affected packages

gdal, neuron, qtwebengine-opensource-src, texmaker, tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdal	Not affected	Not affected	Not affected	Not affected	Needs evaluation
neuron	Not affected	Needs evaluation	Needs evaluation	Needs evaluation	—
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	—
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tiff	Fixed	Fixed	Fixed	Fixed	Fixed

CVE-2024-6716

Low priority

Vulnerable

Rejected reason: Invalid security issue.

5 affected packages

gdal, neuron, qtwebengine-opensource-src, texmaker, tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdal	Not affected	Not affected	Not affected	Not affected	Needs evaluation
neuron	Not affected	Needs evaluation	Needs evaluation	Needs evaluation	—
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	—
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tiff	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2023-52356

Medium priority

Some fixes available 8 of 23

A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

4 affected packages

gdal, qtwebengine-opensource-src, texmaker, tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdal	Not affected	Not affected	Not affected	Not affected	Needs evaluation
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tiff	Fixed	Fixed	Fixed	Fixed	Fixed

CVE-2023-52355

Negligible priority

Ignored

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a...

5 affected packages

gdal, neuron, qtwebengine-opensource-src, texmaker, tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gdal	—	Not affected	Not affected	Not affected	Ignored
neuron	—	Ignored	Ignored	Ignored	Not in release
qtwebengine-opensource-src	—	Ignored	Ignored	Ignored	Not in release
texmaker	—	Ignored	Ignored	Ignored	Ignored
tiff	—	Ignored	Ignored	Ignored	Ignored

CVE-2023-6228

Low priority

Some fixes available 8 of 31

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.

4 affected packages

libgeotiff, libtk-img, povray, tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libgeotiff	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
libtk-img	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
povray	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tiff	Fixed	Fixed	Fixed	Fixed	Fixed

CVE-2023-6277

Low priority

Some fixes available 6 of 7

An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.

1 affected packages

tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tiff	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2023-3164

Low priority

Some fixes available 7 of 9

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.

1 affected packages

tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tiff	Fixed	Fixed	Fixed	Fixed	Fixed

CVE-2023-41175

Medium priority

Not affected

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which...

1 affected packages

tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tiff	—	Not affected	Not affected	Not affected	Not affected

CVE-2023-40745

Medium priority

Not affected

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

1 affected packages

tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tiff	—	Not affected	Not affected	Not affected	Not affected

CVE-2023-3576

Negligible priority

Some fixes available 5 of 7

A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak...

1 affected packages

tiff

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tiff	—	Fixed	Fixed	Fixed	Fixed

Export to JSON

Results by page:

Search CVE reports