Msrc Cbl2 Libtiff 4.1.0-3 On Cbl Mariner 2.0 vulnerabilities
4 known vulnerabilities affecting msrc/cbl2_libtiff_4.1.0-3_on_cbl_mariner_2.0.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-35524HIGHCVSS 7.82021-03-09
CVE-2020-35524 [HIGH] CWE-787 A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality integrity as well as s
msrc
CVE-2020-35523HIGHCVSS 7.82021-03-09
CVE-2020-35523 [HIGH] CWE-190 An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highe
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality integrity as
msrc
CVE-2020-35522MEDIUMCVSS 5.52021-03-09
CVE-2020-35522 [MEDIUM] CWE-119 In LibTIFF there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.
In LibTIFF there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of t
msrc
CVE-2020-35521MEDIUMCVSS 5.52021-03-09
CVE-2020-35521 [MEDIUM] CWE-119 A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c a crafted TIFF file can lead to an abort resulting in denial of service.
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c a crafted TIFF file can lead to an abort resulting in denial of service.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main be
msrc