CVE-2023-3316

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-3316

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3316.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-3316

Downstream

ALPINE-CVE-2023-3316

DEBIAN-CVE-2023-3316

DLA-3513-1

DLA-4026-1

JLSEC-2025-305

OESA-2023-1385

RHSA-2023:6575

SUSE-SU-2023:4370-1

SUSE-SU-2023:4371-1

UBUNTU-CVE-2023-3316

USN-6229-1

USN-6290-1

Related

Published

2023-06-19T12:15:09.520Z

Modified

2025-11-14T03:36:30.770129Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

References

Affected packages

Git / gitlab.com/libtiff/libtiff

Affected ranges

Type: GIT
Repo: https://gitlab.com/libtiff/libtiff
Events: Introduced

616624213caa4017313ca0aac850c1101759d4ff

Fixed

4f34a374b2e2cba3c8055ab77458c5730c073aff

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3316.json"