📦

libtiff

Vendor: libtiff

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 17 Code Available
Total RCEs 43 Remote Access
Total CVEs 1294 Total Indexed
Avg. EPSS 2.22% Exploit Prob.
Latest CVE CVE-2026-4775 Mar 24

Security Vulnerability Index

Page 4 / 130
5.5 CVSS
CVE-2023-30775

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.

EPSS: 0.07%
5.5 CVSS
CVE-2023-30774

A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.

EPSS: 0.04%
5.5 CVSS
CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.

EPSS: 0.01%
5.5 CVSS
CVE-2023-30086
RCE

Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.

EPSS: 0.07%
6.1 CVSS
CVE-2023-1916

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.

EPSS: 0.02%
6.8 CVSS
CVE-2022-4645

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

EPSS: 0.01%
6.8 CVSS
CVE-2023-0804
RCE

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

EPSS: 0.02%
6.8 CVSS
CVE-2023-0803
RCE

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

EPSS: 0.03%
6.8 CVSS
CVE-2023-0802
RCE

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

EPSS: 0.03%
6.8 CVSS
CVE-2023-0801
RCE

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

EPSS: 0.03%