| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-6128 | 6.8 |
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
|
01-03-2023 - 18:41 | 11-01-2019 - 05:29 | |
| CVE-2019-7663 | 4.3 |
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cau
|
24-08-2020 - 17:37 | 09-02-2019 - 16:29 | |
| CVE-2019-17546 | 6.8 |
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
|
24-08-2020 - 17:37 | 14-10-2019 - 02:15 | |
| CVE-2018-19210 | 4.3 |
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
|
05-04-2019 - 21:29 | 12-11-2018 - 19:29 | |
| CVE-2017-17095 | 6.8 |
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
|
01-12-2018 - 11:29 | 02-12-2017 - 06:29 |