VulnerableCode Package Details - pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-15g8-3ryu-h3ga	Integer Overflow or Wraparound A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.	CVE-2023-41175
VCID-3wfj-nc9t-xfgp	Integer Overflow or Wraparound LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.	CVE-2023-40745
VCID-pkdx-ktz1-mbbg	Missing Release of Memory after Effective Lifetime A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denial of service.	CVE-2023-3576

Vulnerability

Summary

Aliases

VCID-15g8-3ryu-h3ga

Integer Overflow or Wraparound A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

CVE-2023-41175

VCID-3wfj-nc9t-xfgp

Integer Overflow or Wraparound LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

CVE-2023-40745

VCID-pkdx-ktz1-mbbg

Missing Release of Memory after Effective Lifetime A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denial of service.

CVE-2023-3576

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:06:41.064251+00:00	Debian Importer	Fixing	VCID-3wfj-nc9t-xfgp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:39:01.447589+00:00	Debian Importer	Fixing	VCID-15g8-3ryu-h3ga	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:51:14.194528+00:00	Debian Importer	Fixing	VCID-pkdx-ktz1-mbbg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:32:51.798603+00:00	Debian Importer	Fixing	VCID-3wfj-nc9t-xfgp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:12:03.061282+00:00	Debian Importer	Fixing	VCID-15g8-3ryu-h3ga	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:35:16.811482+00:00	Debian Importer	Fixing	VCID-pkdx-ktz1-mbbg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:55:15.064782+00:00	Debian Importer	Fixing	VCID-15g8-3ryu-h3ga	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:55:15.015331+00:00	Debian Importer	Fixing	VCID-3wfj-nc9t-xfgp	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:55:14.902569+00:00	Debian Importer	Fixing	VCID-pkdx-ktz1-mbbg	https://security-tracker.debian.org/tracker/data/json	38.1.0