OVAL

ALAS2023-2023-364 --- libtiff

ID: oval:org.secpod.oval:def:19500423
Date: (C)2024-01-04   (M)2024-01-23
Class: PATCH
Family: unix




LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial of service via a crafted TIFF file. For users who compile libtiff from source, the fix is available with commit cfbb883b.

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow via a crafted TIFF image.

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits in tiffcrop.c.

Multiple potential integer overflows in tiffcp.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

Multiple potential integer overflows in raw2tiff.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

Platform:
Amazon Linux 2023
Product:
libtiff
Reference:
ALAS2023-2023-364
CVE-2022-3598
CVE-2022-48281
CVE-2023-30775
CVE-2023-40745
CVE-2023-41175
CPE:
cpe:/a:libtiff:libtiff

© SecPod Technologies