Debian Tiff vulnerabilities
264 known vulnerabilities affecting debian/tiff.
Total CVEs: 264
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 16, HIGH 65, MEDIUM 128, LOW 55
Vulnerabilities
Page 8 of 14
CVE-2023-40745 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.5.0-6+deb12u1 (bookworm) | 2023
CVE-2023-40745 [MEDIUM] CVE-2023-40745: tiff - LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers ...
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 4.5.0-6+deb12u1)
bullseye: resolved (fixed in 4.2.0-1+deb11u5)
forky: resolved (fixed in
debian
CVE-2016-3622 | P4 | LOW | CVSS 6.5 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-3622 [MEDIUM] CVE-2016-3622: tiff - The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and e...
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
Scope: local
bookworm: resolved (fixed in 4.0.7-1)
bullseye: resolved (fixed in 4.0.7-1)
forky: resolved (fixed in 4.0.7-1)
sid: resolved (fixed in 4.0.7-1)
trixie: resolved (fixed i
debian
CVE-2014-8130 | P4 | LOW | CVSS 6.5 | fixed in tiff 4.0.5-1 (bookworm) | 2014
CVE-2014-8130 [MEDIUM] CVE-2014-8130: tiff - The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero s...
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
Scope: local
bookworm: resolved (fixed in 4.0.5-1)
bullse
debian
CVE-2018-10963 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.9-6 (bookworm) | 2018
CVE-2018-10963 [MEDIUM] CVE-2018-10963: tiff - The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 ...
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.
Scope: local
bookworm: resolved (fixed in 4.0.9-6)
bullseye: resolved (fixed in 4.0.9-6)
forky: resolved (fixed in 4.0.9-6)
sid
debian
CVE-2018-10779 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.6-3 (bookworm) | 2018
CVE-2018-10779 [MEDIUM] CVE-2018-10779: tiff - TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-r...
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
Scope: local
bookworm: resolved (fixed in 4.0.6-3)
bullseye: resolved (fixed in 4.0.6-3)
forky: resolved (fixed in 4.0.6-3)
sid: resolved (fixed in 4.0.6-3)
trixie: resolved (fixed in 4.0.6-3)
debian
CVE-2018-18661 | P4 | LOW | CVSS 6.5 | fixed in tiff 4.0.10-1 (bookworm) | 2018
CVE-2018-18661 [MEDIUM] CVE-2018-18661: tiff - An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in...
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
Scope: local
bookworm: resolved (fixed in 4.0.10-1)
bullseye: resolved (fixed in 4.0.10-1)
forky: resolved (fixed in 4.0.10-1)
sid: resolved (fixed in 4.0.10-1)
trixie: resolved (fixed in 4.0.10-1)
debian
CVE-2017-13726 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.8-5 (bookworm) | 2017
CVE-2017-13726 [MEDIUM] CVE-2017-13726: tiff - There is a reachable assertion abort in the function TIFFWriteDirectorySec() in ...
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved (fixed in 4.0.8-5)
bullseye: resolved (fixed in 4.0.8-5)
forky: resolved (fixed in 4.0.8-5)
sid: resolved (fixed in 4.0.8-5)
trixie: r
debian
CVE-2014-9655 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.3-12.1 (bookworm) | 2014
CVE-2014-9655 [MEDIUM] CVE-2014-9655: tiff - The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode fu...
The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.
Scope: local
bookworm: resolved (fixed in 4.0.3-12.1)
bullseye: resolved (fixed in 4.0.3-1
debian
CVE-2017-13727 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.8-5 (bookworm) | 2017
CVE-2017-13727 [MEDIUM] CVE-2017-13727: tiff - There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd...
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved (fixed in 4.0.8-5)
bullseye: resolved (fixed in 4.0.8-5)
forky: resolved (fixed in 4.0.8-5)
sid: resolved (fixed in 4.0.8-5)
tri
debian
CVE-2016-3625 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.3-1 (bookworm) | 2016
CVE-2016-3625 [MEDIUM] CVE-2016-3625: tiff - tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attack...
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Scope: local
bookworm: resolved (fixed in 4.0.3-1)
bullseye: resolved (fixed in 4.0.3-1)
forky: resolved (fixed in 4.0.3-1)
sid: resolved (fixed in 4.0.3-1)
trixie: resolved (fixed in 4.0.3-1)
debian
CVE-2020-19144 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.10+git190814-1 (bookworm) | 2020
CVE-2020-19144 [MEDIUM] CVE-2020-19144: tiff - Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service...
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' function in the component 'tif_unix.c'.
Scope: local
bookworm: resolved (fixed in 4.0.10+git190814-1)
bullseye: resolved (fixed in 4.0.10+git190814-1)
forky: resolved (fixed in 4.0.10+git190814-1)
sid: resolved (fixed in 4.0.10+git190814-1)
trixie: resolved (fixed
debian
CVE-2020-19143 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.1.0+git201212-1 (bookworm) | 2020
CVE-2020-19143 [MEDIUM] CVE-2020-19143: tiff - Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service...
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" function in the component 'libtiff/tif_dir.c'.
Scope: local
bookworm: resolved (fixed in 4.1.0+git201212-1)
bullseye: resolved (fixed in 4.1.0+git201212-1)
forky: resolved (fixed in 4.1.0+git201212-1)
sid: resolved (fixed in 4.1.0+git201212-1)
trixie: resolved (fix
debian
CVE-2022-2520 | P4 | LOW | CVSS 6.5 | fixed in tiff 4.4.0-6 (bookworm) | 2022
CVE-2022-2520 [MEDIUM] CVE-2022-2520: tiff - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rot...
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.
Scope: local
bookworm: resolved (fixed in 4.4.0-6)
bullseye: resolved (fixed in 4.2.0-1+deb11u3)
forky: resolved (fixed in 4.4.0-6)
sid: resolved (fixed in 4.4.0-6)
trixie: resolved (fixed in 4.4.0-6)
debian
CVE-2022-3627 | P4 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3627 [MEDIUM] CVE-2022-3627: tiff - LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:34...
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
Scope: local
bookworm: resolved (fixed in 4.4.0-5)
bullseye: resolv
debian
CVE-2022-3597 | P4 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3597 [MEDIUM] CVE-2022-3597: tiff - LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:34...
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
Scope: local
bookworm: resolved (fixed in 4.4.0-5)
bullseye: resolv
debian
CVE-2022-3626 | P4 | MEDIUM | CVSS 5.5 | fixed in tiff 4.4.0-5 (bookworm) | 2022
CVE-2022-3626 [MEDIUM] CVE-2022-3626: tiff - LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:34...
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
Scope: local
bookworm: resolved (fixed in 4.4.0-5)
bullseye: reso
debian
CVE-2015-8782 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.6-1 (bookworm) | 2015
CVE-2015-8782 [MEDIUM] CVE-2015-8782: tiff - tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bound...
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
Scope: local
bookworm: resolved (fixed in 4.0.6-1)
bullseye: resolved (fixed in 4.0.6-1)
forky: resolved (fixed in 4.0.6-1)
sid: resolved (fixed in 4.0.6-1)
trixie: resolved (fixed in 4.0.6-1)
debian
CVE-2016-3619 | P4 | LOW | CVSS 6.5 | fixed in tiff 4.0.6-3 (bookworm) | 2016
CVE-2016-3619 [MEDIUM] CVE-2016-3619: tiff - The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4....
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
Scope: local
bookworm: resolved (fixed in 4.0.6-3)
bullseye: resolved (fixed in 4.0.6-3)
forky: resolved (fixed in 4.0.6-3)
sid: resolved (fix
debian
CVE-2016-5316 | P4 | MEDIUM | CVSS 6.5 | fixed in tiff 4.0.6-2 (bookworm) | 2016
CVE-2016-5316 [MEDIUM] CVE-2016-5316: tiff - Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff ...
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
Scope: local
bookworm: resolved (fixed in 4.0.6-2)
bullseye: resolved (fixed in 4.0.6-2)
forky: resolved (fixed in 4.0.6-2)
sid: resolved (fixed in 4.0.6-2)
trixie: reso
debian
CVE-2025-8851 | P4 | LOW | CVSS 4.8 | fixed in tiff 4.7.0-1 (forky) | 2025
CVE-2025-8851 [MEDIUM] CVE-2025-8851: tiff - A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is...
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended t
debian