| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-6128 | 6.8 |
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
|
01-03-2023 - 18:41 | 11-01-2019 - 05:29 | |
| CVE-2018-12900 | 6.8 |
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8
|
05-03-2021 - 19:15 | 26-06-2018 - 22:29 | |
| CVE-2019-17546 | 6.8 |
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
|
24-08-2020 - 17:37 | 14-10-2019 - 02:15 | |
| CVE-2018-18661 | 4.3 |
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
|
06-08-2019 - 17:15 | 26-10-2018 - 14:29 | |
| CVE-2017-17095 | 6.8 |
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
|
01-12-2018 - 11:29 | 02-12-2017 - 06:29 |