Package details: pkg:ebuild/media-libs/tiff@4.4.0
purl pkg:ebuild/media-libs/tiff@4.4.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (15)
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1mh3-q3y5-qyg1 | Out-of-bounds Read LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | CVE-2022-1622 |
| VCID-25fx-7kmb-fqhm | Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. | CVE-2022-0924 |
| VCID-4mq7-s2p6-yufr | Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2. | CVE-2022-0907 |
| VCID-5mak-1mkk-wkdg | NULL Pointer Dereference Null source pointer passed as an argument to `memcpy()` function within `TIFFFetchStripThing()` in `tif_dirread.c` in libtiff could lead to Denial of Service via crafted TIFF file. | CVE-2022-0561 |
| VCID-5r1p-webw-nkcn | Uncontrolled Resource Consumption A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used. | CVE-2022-1210 |
| VCID-72yx-48n1-jbfs | Out-of-bounds Read LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | CVE-2022-1623 |
| VCID-as9s-4ugc-ukgy | Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in denial of service. | CVE-2022-1354 |
| VCID-gmhp-4yx2-gfbv | Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa. | CVE-2022-0909 |
| VCID-h6gn-kv5x-bbd5 | Out-of-bounds Write A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure or any other context-dependent impact. | CVE-2022-0891 |
| VCID-h9ap-xxmw-j7dr | Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd. | CVE-2022-1056 |
| VCID-kpq7-5vsv-pucy | NULL Pointer Dereference Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag() in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | CVE-2022-0908 |
| VCID-mhwh-tsst-cfaj | Out-of-bounds Read LibTIFF has an out-of-bounds read in `_TIFFmemcpy` in `tif_unix.c` in certain situations involving a custom tag and `0x0200` as the second word of the `DE` field. | CVE-2022-22844 |
| VCID-qsrb-hf2u-tudp | NULL Pointer Dereference Null source pointer passed as an argument to memcpy() function within `TIFFReadDirectory()` in `tif_dirread.c` in libtiff versions from to could lead to Denial of Service via a crafted TIFF file. | CVE-2022-0562 |
| VCID-ucr1-vp5p-jqck | Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in denial of service. | CVE-2022-1355 |
| VCID-zedn-437q-47b2 | Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | CVE-2022-0865 |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:01:30.542833+00:00 | Gentoo Importer | Fixing | VCID-mhwh-tsst-cfaj | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.531490+00:00 | Gentoo Importer | Fixing | VCID-72yx-48n1-jbfs | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.520344+00:00 | Gentoo Importer | Fixing | VCID-1mh3-q3y5-qyg1 | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.509778+00:00 | Gentoo Importer | Fixing | VCID-ucr1-vp5p-jqck | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.497969+00:00 | Gentoo Importer | Fixing | VCID-as9s-4ugc-ukgy | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.485307+00:00 | Gentoo Importer | Fixing | VCID-5r1p-webw-nkcn | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.475243+00:00 | Gentoo Importer | Fixing | VCID-h9ap-xxmw-j7dr | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.464465+00:00 | Gentoo Importer | Fixing | VCID-25fx-7kmb-fqhm | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.452649+00:00 | Gentoo Importer | Fixing | VCID-gmhp-4yx2-gfbv | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.442202+00:00 | Gentoo Importer | Fixing | VCID-kpq7-5vsv-pucy | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.432011+00:00 | Gentoo Importer | Fixing | VCID-4mq7-s2p6-yufr | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.422410+00:00 | Gentoo Importer | Fixing | VCID-h6gn-kv5x-bbd5 | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.413268+00:00 | Gentoo Importer | Fixing | VCID-zedn-437q-47b2 | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.404391+00:00 | Gentoo Importer | Fixing | VCID-qsrb-hf2u-tudp | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |
| 2026-04-01T13:01:30.392936+00:00 | Gentoo Importer | Fixing | VCID-5mak-1mkk-wkdg | https://security.gentoo.org/glsa/202210-10 | 38.0.0 |