What is the vulnerability ID for this flaw in the libtiff library?

The vulnerability ID for this flaw in the libtiff library is CVE-2023-30774.

What is the severity of CVE-2023-30774?

CVE-2023-30774 has a severity rating of medium.

Which version of the libtiff library is affected by CVE-2023-30774?

The libtiff library version 4.0.0 is affected by CVE-2023-30774.

Are there any known fixes or patches available for CVE-2023-30774?

Yes, the vulnerability has been reported and fixes or patches may be available. It is recommended to check with the vendor or official sources for the latest updates.

Vulnerability/
CVE-2023-30774

medium

5.5

CWE

119 787

17/4/2023

19/5/2023

17/12/2024

CVE-2023-30774: Buffer Overflow

Q: How does CVE-2023-30774 manifest?

CVE-2023-30774 manifests as a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.

First published: Mon Apr 17 2023(Updated: )

A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.

Credit: CVE-2023-30774 secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Libtiff Libtiff	=4.0.0
Apple macOS	<14.1
Apple macOS Sonoma	<14.1	14.1
IBM Cognos Analytics	<=12.0.0-12.0.3
IBM Cognos Analytics	<=11.2.0-11.2.4 FP4

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2023-30774
CVE-2023-40444
CVE-2023-42952
CVE-2023-42945
CVE-2023-41072
CVE-2023-42857
CVE-2023-40449
CVE-2023-42823
CVE-2023-41989
CVE-2023-42854
CVE-2023-40413
CVE-2023-42834
CVE-2023-42844
CVE-2023-42953
CVE-2023-40416
CVE-2023-42848
CVE-2023-40423
CVE-2023-38403
CVE-2023-42849
CVE-2023-42850
CVE-2023-40446
CVE-2023-42942
CVE-2023-42861
CVE-2023-42935
CVE-2023-40408
CVE-2023-40405
CVE-2023-28826
CVE-2023-42856
CVE-2023-40404
CVE-2023-42859
CVE-2023-42877
CVE-2023-42840
CVE-2023-42853
CVE-2023-42860
CVE-2023-42889
CVE-2023-42847
CVE-2023-42845
CVE-2023-42841
CVE-2023-42873
CVE-2023-42838
CVE-2023-42835
CVE-2023-41977
CVE-2023-42438
CVE-2023-42836
CVE-2023-42839
CVE-2023-42878
CVE-2023-41982
CVE-2023-41997
CVE-2023-41988
CVE-2023-42946
CVE-2023-36191
CVE-2023-40421
CVE-2023-42842
CVE-2023-4733
CVE-2023-4734
CVE-2023-4735
CVE-2023-4736
CVE-2023-4738
CVE-2023-4750
CVE-2023-4751
CVE-2023-4752
CVE-2023-4781
CVE-2023-41254
CVE-2023-40447
CVE-2023-41976
CVE-2023-42852
CVE-2023-42843
CVE-2023-41983
CVE-2023-41975
CVE-2023-42858

Frequently Asked Questions

What is the vulnerability ID for this flaw in the libtiff library?
The vulnerability ID for this flaw in the libtiff library is CVE-2023-30774.
What is the severity of CVE-2023-30774?
CVE-2023-30774 has a severity rating of medium.
How does CVE-2023-30774 manifest?
CVE-2023-30774 manifests as a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
Which version of the libtiff library is affected by CVE-2023-30774?
The libtiff library version 4.0.0 is affected by CVE-2023-30774.
Are there any known fixes or patches available for CVE-2023-30774?
Yes, the vulnerability has been reported and fixes or patches may be available. It is recommended to check with the vendor or official sources for the latest updates.

collector/nvd-index
agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-30774
agent/author
agent/severity
agent/weakness
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/event
collector/apple-support
source/Apple
collector/mitre-cve
source/MITRE
collector/ibm-support
source/IBM
agent/last-modified-date
agent/references
agent/softwarecombine
agent/tags
agent/description
agent/trending
vendor/libtiff
canonical/libtiff libtiff
version/libtiff libtiff/4.0.0
vendor/apple
canonical/apple macos
canonical/apple macos sonoma
vendor/ibm
canonical/ibm cognos analytics
version/ibm cognos analytics/12.0.0-12.0.3
version/ibm cognos analytics/11.2.0-11.2.4 fp4