CVE-2023-2731

EPSS 0.01% · P1 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-2731

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

空指针解引用

Source: NVD (National Vulnerability Database)

Vulnerability Title

LibTIFF 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

LibTIFF是一个读写TIFF（标签图像文件格式）文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF 存在代码问题漏洞，该漏洞源于在LZWDecode()函数中发现了NULL指针取消引用问题，导致程序崩溃或拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	libtiff	Fixed in libtiff v4.5.0	-

II. Public POCs for CVE-2023-2731

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-2731

请登录查看更多情报信息。

Same Patch Batch · n/a · 2023-05-17 · 27 CVEs total

CVE-2023-30191	9.8 CRITICAL	PrestaShop SQL注入漏洞
CVE-2023-2768	3.5 LOW	Sucms cross site scripting
CVE-2023-31722		Nasm 缓冲区错误漏洞
CVE-2023-1972		GNU Binutils 缓冲区错误漏洞
CVE-2023-2203		WebKitGTK 资源管理错误漏洞
CVE-2023-2491		Red Hat Enterprise Linux 命令注入漏洞
CVE-2023-1859		Xen 资源管理错误漏洞
CVE-2023-2295		Libreswan 安全漏洞
CVE-2023-2319		Webpack 安全漏洞
CVE-2023-27233		Piwigo SQL注入漏洞
CVE-2023-29837		Exelysis Unified Communication Solutions 跨站脚本漏洞
CVE-2023-32767		Symcon IP-Symcon 路径遍历漏洞
CVE-2023-31700		TP-LINK TL-WPA4530 命令注入漏洞
CVE-2023-31701		TP-LINK TL-WPA4530 命令注入漏洞
CVE-2023-31723		yasm 安全漏洞
CVE-2023-31724		yasm 安全漏洞
CVE-2023-31725		yasm 资源管理错误漏洞
CVE-2023-31698		Bludit 跨站脚本漏洞
CVE-2023-31699		ChurchCRM 跨站脚本漏洞
CVE-2023-31702		MicroWorld eScan Management Console SQL注入漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: libtiff

Same vendor: n/a

Same weakness: CWE-476

V. Comments for CVE-2023-2731

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-2731

I. Basic Information for CVE-2023-2731

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-2731

III. Intelligence Information for CVE-2023-2731

Same Patch Batch · n/a · 2023-05-17 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-2731

Leave a comment