Search CVE reports



1 – 10 of 260 results


CVE-2024-7006

Medium priority

Some fixes available 7 of 23

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults,...

5 affected packages

gdal, neuron, qtwebengine-opensource-src, texmaker, tiff

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdal Not affected Not affected Not affected Not affected Needs evaluation
neuron Not affected Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tiff Fixed Fixed Fixed Fixed Fixed

CVE-2024-6716

Low priority
Vulnerable

Rejected reason: Invalid security issue.

5 affected packages

gdal, neuron, qtwebengine-opensource-src, texmaker, tiff

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdal Not affected Not affected Not affected Not affected Needs evaluation
neuron Not affected Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tiff Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable

CVE-2023-52356

Medium priority

Some fixes available 8 of 23

A segmentation fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted TIFF file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

4 affected packages

gdal, qtwebengine-opensource-src, texmaker, tiff

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| gdal | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tiff | Fixed | Fixed | Fixed | Fixed | Fixed |

CVE-2023-52355

Negligible priority
Ignored

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a...

5 affected packages

gdal, neuron, qtwebengine-opensource-src, texmaker, tiff

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gdal Not affected Not affected Not affected Ignored
neuron Ignored Ignored Ignored Not in release
qtwebengine-opensource-src Ignored Ignored Ignored Not in release
texmaker Ignored Ignored Ignored Ignored
tiff Ignored Ignored Ignored Ignored

CVE-2023-6228

Low priority

Some fixes available 8 of 31

An issue was found in the tiffcp utility distributed by the libtiff package, where processing a crafted TIFF file may cause a heap-based buffer overflow, leading to an application crash.

4 affected packages

libgeotiff, libtk-img, povray, tiff

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| libgeotiff | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libtk-img | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| povray | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tiff | Fixed | Fixed | Fixed | Fixed | Fixed |

CVE-2023-6277

Low priority

Some fixes available 6 of 7

An out-of-memory flaw was found in libtiff. Passing a crafted TIFF file to the TIFFOpen() API may allow a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

1 affected package

tiff

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| tiff | Not affected | Fixed | Fixed | Fixed | Fixed |

CVE-2023-3164

Low priority

Some fixes available 7 of 9

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted TIFF file.

1 affected package

tiff

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| tiff | Fixed | Fixed | Fixed | Fixed | Fixed |

CVE-2023-41175

Medium priority
Not affected

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image, which...

1 affected package

tiff

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tiff Not affected Not affected Not affected Not affected

CVE-2023-40745

Medium priority
Not affected

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, which triggers a heap-based buffer overflow.

1 affected package

tiff

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tiff Not affected Not affected Not affected Not affected

CVE-2023-3576

Negligible priority

Some fixes available 5 of 7

A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes this memory leak...

1 affected package

tiff

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tiff Fixed Fixed Fixed Fixed