An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.
2023-11-24T19:15:07.643
2024-11-21T08:43:31.253
Modified
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | libtiff | libtiff | - | Yes |
| Operating System | redhat | enterprise_linux | 6.0 | No |
| Operating System | redhat | enterprise_linux | 7.0 | No |
| Operating System | redhat | enterprise_linux | 8.0 | No |
| Operating System | redhat | enterprise_linux | 9.0 | No |
| Operating System | fedoraproject | fedora | 38 | Yes |