pkg:Alpine/tiff
99 total CVEsCRITICAL1HIGH29MEDIUM65
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2017-5225LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerS…from 0, < 4.0.7-r1
- from 0, < 4.4.0-r1
- HIGH8.8CVE-2019-6128The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.from 0, < 4.0.10-r3
- HIGH8.8CVE-2018-18557LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta,…from 0, < 4.0.10-r0
- from 0, < 4.0.9-r8
- from 0, < 4.0.9-r8
- from 0, < 4.0.10-r0
- from 0, < 4.0.9-r5
- HIGH8.8CVE-2016-5314Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of…from 0, < 4.0.7-r0
- from 0, < 4.0.9-r6
- from 0, < 4.0.9-r6
- HIGH8.8CVE-2016-3621The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote atta…from 0, < 4.0.7-r0
- HIGH7.8CVE-2020-35524A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool.from 0, < 4.2.0-r0
- from 0, < 4.2.0-r0
- HIGH7.8CVE-2017-7602LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibl…from 0, < 4.0.7-r2
- HIGH7.8CVE-2017-7601LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a…from 0, < 4.0.7-r2
- HIGH7.8CVE-2017-7598tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a…from 0, < 4.0.7-r2
- HIGH7.8CVE-2017-7596LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers…from 0, < 4.0.7-r2
- from 0, < 4.0.7-r2
- HIGH7.8CVE-2016-9453The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) o…from 0, < 4.0.7-r0
- HIGH7.5CVE-2017-16232LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonst…from 0, < 4.0.9-r0
- from 0, < 4.0.8-r1
- HIGH7.5CVE-2016-9448The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash)…from 0, < 4.0.7-r0
- HIGH7.5CVE-2016-5323The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and appli…from 0, < 4.0.7-r0
- HIGH7.5CVE-2016-9297The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF…from 0, < 4.0.7-r0
- HIGH7.5CVE-2016-3658The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers…from 0, < 4.0.7-r0
- HIGH7.5CVE-2016-3624The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bound…from 0, < 4.0.7-r0
- HIGH7.5CVE-2016-3623The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v…from 0, < 4.0.7-r0
- HIGH7.1CVE-2022-0891A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or…from 0, < 4.3.0-r0
- HIGH7.0CVE-2016-5652An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool.from 0, < 4.0.7-r0
- MEDIUM6.5CVE-2023-3316A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissi…from 0, < 4.4.0-r4
- MEDIUM6.5CVE-2022-3627LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:68…from 0, < 4.4.0-r2
- MEDIUM6.5CVE-2022-3626LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:…from 0, < 4.4.0-r2
- MEDIUM6.5CVE-2022-3599LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via…from 0, < 4.4.0-r2
- MEDIUM6.5CVE-2022-3598LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denia…from 0, < 4.4.0-r2
- MEDIUM6.5CVE-2022-3597LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:68…from 0, < 4.4.0-r2
- MEDIUM6.5CVE-2022-2521It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:252…from 0, < 4.4.0-r3
- from 0, < 4.4.0-r3
- MEDIUM6.5CVE-2022-2519There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1from 0, < 4.4.0-r3
- MEDIUM6.5CVE-2022-34526A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0.from 0, < 4.4.0-r3
- MEDIUM6.5CVE-2022-2058Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.from 0, < 4.4.0-r3
- MEDIUM6.5CVE-2022-2057Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.from 0, < 4.4.0-r3
- MEDIUM6.5CVE-2022-2056Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.from 0, < 4.4.0-r3
- MEDIUM6.5CVE-2022-0865Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.from 0, < 4.3.0-r0
- from 0, < 4.0.10-r1
- MEDIUM6.5CVE-2019-10927A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SC…from 0, < 4.0.10-r2
- from 0, < 4.0.10-r0
- MEDIUM6.5CVE-2018-10963The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (asser…from 0, < 4.0.9-r6
- MEDIUM6.5CVE-2018-10779TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.from 0, < 4.0.9-r8
- from 0, < 4.0.9-r4
- MEDIUM6.5CVE-2018-5784In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c.from 0, < 4.0.9-r2
- from 0, < 4.0.9-r1
- from 0, < 4.0.9-r6
- from 0, < 4.0.7-r0
- from 0, < 4.0.8-r1
- MEDIUM6.5CVE-2016-5321The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a craft…from 0, < 4.0.7-r0
- MEDIUM6.5CVE-2016-5317Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME…from 0, < 4.0.7-r0
- MEDIUM6.5CVE-2016-5316Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the appl…from 0, < 4.0.7-r0
- MEDIUM6.5CVE-2016-3625tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a…from 0, < 4.0.7-r0
- MEDIUM6.5CVE-2016-3622The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service…from 0, < 4.0.7-r0
- MEDIUM6.2CVE-2016-3186Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (applicat…from 0, < 4.0.7-r0
- MEDIUM5.5CVE-2022-4645LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0804LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafte…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0803LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafte…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0802LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafte…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0801LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778,…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0800LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafte…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0799LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0798LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0797LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921,…from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2023-0796LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted…from 0, < 4.4.0-r2
- from 0, < 4.4.0-r2
- from 0, < 4.4.0-r2
- MEDIUM5.5CVE-2022-3570Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds me…from 0, < 4.4.0-r2
- from 0, < 4.5.0-r0
- MEDIUM5.5CVE-2022-2953LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service vi…from 0, < 4.4.0-r1
- MEDIUM5.5CVE-2022-2869libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine.from 0, < 4.4.0-r0
- MEDIUM5.5CVE-2022-2868libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an atta…from 0, < 4.4.0-r0
- MEDIUM5.5CVE-2022-2867libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.from 0, < 4.4.0-r0
- MEDIUM5.5CVE-2022-34266The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a d…from 0, < 4.3.0-r1
- MEDIUM5.5CVE-2022-0924Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.from 0, < 4.3.0-r0
- MEDIUM5.5CVE-2022-0909Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.from 0, < 4.3.0-r0
- MEDIUM5.5CVE-2022-0908Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.…from 0, < 4.3.0-r0
- MEDIUM5.5CVE-2022-0907Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted…from 0, < 4.3.0-r0
- MEDIUM5.5CVE-2022-0562Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to…from 0, < 4.3.0-r0
- from 0, < 4.3.0-r0
- MEDIUM5.5CVE-2022-22844LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second…from 0, < 4.3.0-r0
- from 0, < 4.2.0-r0
- from 0, < 4.2.0-r0
- MEDIUM5.5CVE-2017-16231In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-…from 0, < 4.0.9-r0
- MEDIUM5.5CVE-2017-7595The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and…from 0, < 4.0.7-r2
- MEDIUM5.5CVE-2017-7594The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memo…from 0, < 4.0.7-r2
- from 0, < 4.0.7-r2
- MEDIUM5.5CVE-2016-5315The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds rea…from 0, < 4.0.7-r0
- from 0, < 4.0.7-r0
- from 0, < 4.7.1-r0
- from 0, < 4.7.1-r0
- from 0, < 4.0.7-r0
- from 0, < 4.0.7-r0