CVE-2014-8128
MEDIUM6.5EPSS 0.99%tiff - security update
Published: 2/12/2020Modified: 4/28/2026
Also known as:DEBIAN-CVE-2014-8128
Description
LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.
Affected packages (3)
- Debian/tifffrom 0, < 4.0.3-12.3
- Debian/tifffrom 0, < 3.9.4-5+squeeze12
- Debian/tifffrom 0, < 4.0.2-6+deb7u7
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |