CVE-2018-18661

Public on 2018-10-26

Modified on 2019-10-23

Description

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.

Severity

Low

CVSS v3 Base Score

3.3

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 1	libtiff	2019-10-08	ALAS-2019-1306	Fixed
Amazon Linux 2 - Core	libtiff	2019-10-21	ALAS2-2019-1327	Fixed