Security Advisory

CVE-2023-2731

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-17 00:00:00

Last updated 2025-01-22 18:22:52

Assigner redhat

State PUBLISHED

Description

A NULL pointer dereference flaw was found in Libtiffs LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.

← Browse all CVEs View on cve.org ↗