Package details: pkg:rpm/redhat/libtiff@4.4.0-12?arch=el9
purl pkg:rpm/redhat/libtiff@4.4.0-12?arch=el9
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 3.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-15g8-3ryu-h3ga
Aliases:
CVE-2023-41175
Summary: Integer Overflow or Wraparound. A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image, which triggers a heap-based buffer overflow.
Fixed by: There are no reported fixed by versions.
VCID-1hfc-b4qr-jqgk
Aliases:
CVE-2022-40090
Summary: Loop with Unreachable Exit Condition ('Infinite Loop'). An issue discovered in the function TIFFReadDirectory in libtiff before 4.4.0 allows attackers to cause a denial of service via a crafted TIFF file.
Fixed by: There are no reported fixed by versions.
VCID-3wfj-nc9t-xfgp
Aliases:
CVE-2023-40745
Summary: Integer Overflow or Wraparound. LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, which triggers a heap-based buffer overflow.
Fixed by: There are no reported fixed by versions.
VCID-rp7t-x7gz-9udg
Aliases:
CVE-2023-6228
Summary: libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c.
Fixed by: There are no reported fixed by versions.
VCID-v4rx-c1w4-pbb3
Aliases:
CVE-2023-3618
Summary: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'). A flaw was found in libtiff. A specially crafted TIFF file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.
Fixed by: There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:57:24.185993+00:00 RedHat Importer Affected by VCID-1hfc-b4qr-jqgk https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40090.json 38.0.0
2026-04-01T13:55:30.620289+00:00 RedHat Importer Affected by VCID-v4rx-c1w4-pbb3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3618.json 38.0.0
2026-04-01T13:53:20.854787+00:00 RedHat Importer Affected by VCID-3wfj-nc9t-xfgp https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40745.json 38.0.0
2026-04-01T13:53:20.829883+00:00 RedHat Importer Affected by VCID-15g8-3ryu-h3ga https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41175.json 38.0.0
2026-04-01T13:52:43.832465+00:00 RedHat Importer Affected by VCID-rp7t-x7gz-9udg https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6228.json 38.0.0