CVE-2018-17101

2018-09-1621:29:01

Google

osv.dev

7.2 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

CPENameOperatorVersion
tiffeq4.0.8-r0
libtiffeqRelease-v3-7-0beta2
tiffeq4.0.6-r2
libtiffeq3.7.0
libtiffeq4.0.0alpha4
tiffeq4.0.9-r1
libtiffeq4.0.0
libtiffeqRelease-v4-0-8
libtiffeqRelease-v3-6-0beta2
tiffeq4.0.1-r0

Name	Operator	Version
tiff	eq	4.0.8-r0
libtiff	eq	Release-v3-7-0beta2
tiff	eq	4.0.6-r2
libtiff	eq	3.7.0
libtiff	eq	4.0.0alpha4
tiff	eq	4.0.9-r1
libtiff	eq	4.0.0
libtiff	eq	Release-v4-0-8
libtiff	eq	Release-v3-6-0beta2
tiff	eq	4.0.1-r0