CVE-2024-13978 | LibTIFF up to 4.7.0 fax2ps tools/tiff2pdf.c t2p_read_tiff_init null pointer dereference (Issue 649)

Inserito da Angelo Barbosa | Lug 30, 2025 | CVE

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference.

This vulnerability is known as CVE-2024-13978. The attack needs to be approached locally. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-13978 | LibTIFF up to 4.7.0 fax2ps tools/tiff2pdf.c t2p_read_tiff_init null pointer dereference (Issue 649)

Post correlati

CVE-2024-7412 | No Update Nag Plugin up to 1.4.12 on WordPress information disclosure

CVE-2024-28395 | Best-Kit bestkit_popup up to 1.7.2 on PrestaShop bestkit_popup.php sql injection

CVE-2024-35704 | WPBlockArt BlockArt Blocks Plugin up to 2.1.5 on WordPress cross site scripting

CVE-2024-40842 | Apple macOS up to 14.7 Environment Variable access control