CVE-2022-1355: A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool…

CVE-2020-19131 [HIGH] tiff vulnerabilities tiff vulnerabilities It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19131) It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19144) It was discovered that LibTIFF did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TIFF file using tiffinf

CVE-2022-1355 [MEDIUM] CWE-119 GHSA-2fqh-vmvf-c822: A stack buffer overflow flaw was found in Libtiffs' tiffcp A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

CVE-2022-1355 [MEDIUM] CVE-2022-1355: A stack buffer overflow flaw was found in Libtiffs' tiffcp A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

CVE-2020-19144 [HIGH] LibTIFF vulnerabilities Title: LibTIFF vulnerabilities Summary: Several security issues were fixed in LibTIFF. It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19131) It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19144) It was discovered that LibTIFF did not properly manage memory under certain circumstances. If a user we

CVE-2022-1355 [MEDIUM] CWE-787 libtiff: stack-buffer-overflow in tiffcp.c in main() libtiff: stack-buffer-overflow in tiffcp.c in main() A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. Package: libtiff (Red Hat Enterprise Linux 6) - Not affected Package: compat-libtiff3 (Red Hat Enterprise Linux 7) - Not affected Package: libtiff (Red Hat Enterprise L

CVE-2022-1355 [MEDIUM] CVE-2022-1355: tiff - A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function.... A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. Scope: local bookworm: resolved (fixed in 4.3.0-8) bullseye: resolved (fixed in 4.2.0-1+deb11u3) forky: resolved (fixed in 4.3.0-8) sid: resolved (fixed in 4.3.0-8) trixie: resolved (fixed in 4.3.0-8)

VERCATION: Precise Vulnerable Open-source Software Version Identification based on Static Analysis and LLM Vercation: Precise Vulnerable Open-source Software Version Identification based on Static Analysis and LLM Yiran Cheng12, Ting Zhang35, Lwin Khin Shar3, Shouguo Yang4, Chaopeng Dong12, David Lo3, Shichao Lv125, Zhiqiang Shi12, Limin Sun12 1 Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, Beijing, China 2 School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China 3 Singapore Management University, Singapore 4 Zhongguancun Laboratory, Beijing, China [email protected], [email protected], [email protected], \yangshouguo, dongchaopeng\@iie.ac.cn, [email protected], \lvshichao, shizhiqiang, sunlimin\@iie.ac.cn Journal of \ Class Files, Vol. 14, No. 8, August 2025 Shell et al.: A Sample Article