cvebase

Debian Tiff vulnerabilities

264 known vulnerabilities affecting debian/tiff.

Total CVEs: 264
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 16, HIGH 65, MEDIUM 128, LOW 55

Vulnerabilities

Page 13 of 14
CVE-2023-2731 | P4 | MEDIUM | CVSS 5.5 | fixed in tiff 4.5.0-6 (bookworm) | 2023
CVE-2023-2731 [MEDIUM] tiff: A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.
Scope: local; bookworm: resolved (fixed in 4.5.0-6); bul
debian
CVE-2025-61143 | P4 | LOW | CVSS 5.5 | fixed in tiff 4.7.1-1 (forky) | 2025
CVE-2025-61143 [MEDIUM] tiff: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
Scope: local; bookworm: open; bullseye: open; forky: resolved (fixed in 4.7.1-1); sid: resolved (fixed in 4.7.1-1); trixie: open
debian
CVE-2010-2597 | P4 | MEDIUM | CVSS 4.3 | fixed in tiff 3.9.6-1 (bookworm) | 2010
CVE-2010-2597 [MEDIUM] tiff: The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error.
Scope: local; bookworm
debian
CVE-2017-9117 | P4 | LOW | CVSS 4.0 | fixed in tiff 4.0.7-1 (bookworm) | 2017
CVE-2017-9117 [MEDIUM] tiff: In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7
debian
CVE-2023-0799 | P4 | MEDIUM | CVSS 6.8 | fixed in tiff 4.5.0-5 (bookworm) | 2023
CVE-2023-0799 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Scope: local; bookworm: resolved (fixed in 4.5.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u4); forky: resolved (fixed in 4.5.0-5)
debian
CVE-2023-0795 | P4 | MEDIUM | CVSS 6.8 | fixed in tiff 4.5.0-5 (bookworm) | 2023
CVE-2023-0795 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Scope: local; bookworm: resolved (fixed in 4.5.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u4); forky: resolved (fixed in 4.5.0-5)
debian
CVE-2023-0796 | P4 | MEDIUM | CVSS 6.8 | fixed in tiff 4.5.0-5 (bookworm) | 2023
CVE-2023-0796 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Scope: local; bookworm: resolved (fixed in 4.5.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u4); forky: resolved (fixed in 4.5.0-5)
debian
CVE-2023-0798 | P4 | MEDIUM | CVSS 6.8 | fixed in tiff 4.5.0-5 (bookworm) | 2023
CVE-2023-0798 [MEDIUM] tiff: LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Scope: local; bookworm: resolved (fixed in 4.5.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u4); forky: resolved (fixed in 4.5.0-5)
debian
CVE-2016-10267 | P4 | MEDIUM | CVSS 5.5 | fixed in tiff 4.0.7-2 (bookworm) | 2016
CVE-2016-10267 [MEDIUM] tiff: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.
Scope: local; bookworm: resolved (fixed in 4.0.7-2); bullseye: resolved (fixed in 4.0.7-2); forky: resolved (fixed in 4.0.7-2); sid: resolved (fixed in 4.0.7-2); trixie: resolved (fixed in 4.0.7-2)
debian
CVE-2006-0405 | P4 | MEDIUM | CVSS 5.0 | fixed in tiff 3.8.0-2 (bookworm) | 2006
CVE-2006-0405 [MEDIUM] tiff: The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.
Scope: local; bookworm: resolved (fixed in 3.8.0-2); bullseye: resolved (fixed in 3.8.0
debian
CVE-2017-7595 | P4 | LOW | CVSS 5.5 | fixed in tiff 4.0.7-6 (bookworm) | 2017
CVE-2017-7595 [MEDIUM] tiff: The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
Scope: local; bookworm: resolved (fixed in 4.0.7-6); bullseye: resolved (fixed in 4.0.7-6); forky: resolved (fixed in 4.0.7-6); sid: resolved (fixed in 4.0.7-6); trixie: resolved (fixed in 4.0.7-6
debian
CVE-2022-1056 | P4 | LOW | CVSS 5.5 | fixed in tiff 4.4.0~rc1-1 (bookworm) | 2022
CVE-2022-1056 [MEDIUM] tiff: Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
Scope: local; bookworm: resolved (fixed in 4.4.0~rc1-1); bullseye: open; forky: resolved (fixed in 4.4.0~rc1-1); sid: resolved (fixed in 4.4.0~rc1-1); trixie: reso
debian
CVE-2023-30086 | P4 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2023
CVE-2023-30086 [MEDIUM] tiff: Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.
Scope: local; bookworm: resolved (fixed in 4.4.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u3); forky: resolved (fixed in 4.4.0-5); sid: resolved (fixed in 4.4.0-5); trixie: resolved (fixed in 4.4.0-5)
debian
CVE-2010-2481 | P4 | LOW | CVSS 4.3 | fixed in tiff 3.9.4-1 (bookworm) | 2010
CVE-2010-2481 [MEDIUM] tiff: The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.
Scope: local; bookworm: resolved (fixed in 3.9.4-1); bullseye: resolved (fixed in 3.9.4-1); forky: resolved (fixed in 3.9.4-1)
debian
CVE-2010-2596 | P4 | LOW | CVSS 4.3 | fixed in tiff 4.0.6-1 (bookworm) | 2010
CVE-2010-2596 [MEDIUM] tiff: The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input."
Scope: local; bookworm: resolved (fixed in 4.0.6-1); bullseye: resolved (fixed in 4.0.6-1); forky: resolved (fixed in 4.0.6-
debian
CVE-2010-2595 | P4 | MEDIUM | CVSS 4.3 | fixed in tiff 3.9.6-1 (bookworm) | 2010
CVE-2010-2595 [MEDIUM] tiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."
Scope: local; bookworm: resolved (fixed in 3.9.6-1); b
debian
CVE-2010-2483 | P4 | LOW | CVSS 4.3 | fixed in tiff 3.9.4-4 (bookworm) | 2010
CVE-2010-2483 [MEDIUM] tiff: The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values.
Scope: local; bookworm: resolved (fixed in 3.9.4-4); bullseye: resolved (fixed in 3.9.4-4); forky: resolved (fixed in 3.9.4-4); sid: resolved (fi
debian
CVE-2004-0804 | P4 | MEDIUM | CVSS 4.3 | fixed in tiff 3.6.1-2 (bookworm) | 2004
CVE-2004-0804 [MEDIUM] tiff: Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Scope: local; bookworm: resolved (fixed in 3.6.1-2); bullseye: resolved (fixed in 3.6.1-2); forky: resolved (fixed in 3.6.
debian
CVE-2005-2452 | P4 | MEDIUM | CVSS 4.3 | fixed in tiff 3.7.0-1 (bookworm) | 2005
CVE-2005-2452 [MEDIUM] tiff: libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.
Scope: local; bookworm: resolved (fixed in 3.7.0-1); bullseye: resolved (fixed in 3.7.0-1); forky
debian
CVE-2025-8961 | P4 | LOW | CVSS 4.8 | fixed in tiff 4.7.0-5 (forky) | 2025
CVE-2025-8961 [MEDIUM] tiff: A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.
Scope: local; bookworm: open; bullseye: open; forky: resolved (fixed in 4.7
debian