Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:conan/libtiff@4.6.0
purl pkg:conan/libtiff@4.6.0
Next non-vulnerable version 4.7.0
Latest non-vulnerable version 4.7.0
Risk 3.4
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-38sj-85gt-sfhe
Aliases:
CVE-2023-3164
Out-of-bounds Write A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.
4.7.0
Affected by 0 other vulnerabilities.
VCID-ua38-ur2u-eues
Aliases:
CVE-2023-52356
Out-of-bounds Write A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
4.7.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-15g8-3ryu-h3ga Integer Overflow or Wraparound A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. CVE-2023-41175
VCID-3wfj-nc9t-xfgp Integer Overflow or Wraparound LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. CVE-2023-40745

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:48:44.349254+00:00 GitLab Importer Affected by VCID-ua38-ur2u-eues https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-52356.yml 38.4.0
2026-04-16T22:42:23.027494+00:00 GitLab Importer Affected by VCID-38sj-85gt-sfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-3164.yml 38.4.0
2026-04-12T00:08:35.043619+00:00 GitLab Importer Affected by VCID-ua38-ur2u-eues https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-52356.yml 38.3.0
2026-04-12T00:01:55.820913+00:00 GitLab Importer Affected by VCID-38sj-85gt-sfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-3164.yml 38.3.0
2026-04-03T00:13:13.185944+00:00 GitLab Importer Affected by VCID-ua38-ur2u-eues https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-52356.yml 38.1.0
2026-04-03T00:04:56.870675+00:00 GitLab Importer Affected by VCID-38sj-85gt-sfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-3164.yml 38.1.0
2026-04-01T12:52:25.717097+00:00 GitLab Importer Affected by VCID-ua38-ur2u-eues https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-52356.yml 38.0.0
2026-04-01T12:52:04.001615+00:00 GitLab Importer Affected by VCID-38sj-85gt-sfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-3164.yml 38.0.0
2026-04-01T12:51:53.909215+00:00 GitLab Importer Fixing VCID-3wfj-nc9t-xfgp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-40745.yml 38.0.0
2026-04-01T12:51:53.891737+00:00 GitLab Importer Fixing VCID-15g8-3ryu-h3ga https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-41175.yml 38.0.0