Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (5)
| Vulnerability |
Summary |
Aliases |
|
VCID-25fx-7kmb-fqhm
|
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
|
CVE-2022-0924
|
|
VCID-4mq7-s2p6-yufr
|
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
|
CVE-2022-0907
|
|
VCID-gmhp-4yx2-gfbv
|
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
|
CVE-2022-0909
|
|
VCID-h6gn-kv5x-bbd5
|
Out-of-bounds Write
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out-of-bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
|
CVE-2022-0891
|
|
VCID-kpq7-5vsv-pucy
|
NULL Pointer Dereference
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
|
CVE-2022-0908
|