4 issues skipped by the security teams:
- CVE-2018-12900: Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.
- CVE-2015-7313: LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.
- CVE-2018-5360: LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
- CVE-2017-17942: In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.