Shodan
Vulnerabilities
Vulnerable Software
Libtiff:  >> Libtiff  >> 3.7.3  Security Vulnerabilities
CVE-2023-30774
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-19
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-17
CVE-2022-4645
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-03-03
CVE-2023-0798
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13
CVE-2023-0799
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13
CVE-2023-0800
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13
CVE-2023-0801
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13
CVE-2023-0802
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13
CVE-2023-0803
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13
CVE-2023-0804
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-02-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved