vulnerability

CentOS Linux: CVE-2018-8905: Moderate: libtiff security update (CESA-2019:2053)

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Mar 22, 2018
Added
Aug 28, 2019
Modified
May 25, 2023

Description

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

Solution(s)

centos-upgrade-libtiffcentos-upgrade-libtiff-debuginfocentos-upgrade-libtiff-develcentos-upgrade-libtiff-staticcentos-upgrade-libtiff-tools
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.