libtiff — Vulnerabilities & Security Advisories (34)

Browse all 34 CVE security advisories affecting libtiff. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LibTiff is an open-source library facilitating the reading and writing of Tag Image File Format (TIFF) files, widely integrated into image processing pipelines for scientific, medical, and publishing applications. Its extensive adoption makes it a frequent target, resulting in thirty-four recorded Common Vulnerabilities and Exposures (CVEs). Historically, the codebase has been susceptible to memory corruption issues, including buffer overflows and out-of-bounds reads, which attackers frequently exploit to achieve remote code execution or cause denial-of-service conditions. While cross-site scripting and privilege escalation are less common due to its backend nature, improper input validation remains a persistent risk. Notable incidents often involve crafted TIFF files triggering heap-based vulnerabilities, highlighting the critical need for rigorous input sanitization. The library’s complexity and legacy code structure contribute to these ongoing security challenges, requiring continuous patching to mitigate exploitation vectors in dependent software ecosystems.

Top products by libtiff: LibTiff
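
| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2022-0562 | libtiff code issue vulnerability — libtiff | 5.5 | Medium | 2022-02-11 |
| CVE-2022-0561 | LibTIFF code issue vulnerability — libtiff | 5.5 | Medium | 2022-02-11 |
| CVE-2017-9117 | Silicon Graphics LibTIFF security vulnerability — LibTIFF (CWE-125) | 4.0 | Medium | 2017-05-21 |
| CVE-2016-5652 | Silicon Graphics LibTiff buffer error vulnerability — LibTiff | 7.0 | - | 2017-01-06 |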

This page lists every published CVE security advisory associated with libtiff. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.