CVE-2022-22844

Out-of-bounds Read in conan/libtiff

Identifiers

CVE-2022-22844

Package Slug

conan/libtiff

Vulnerability

Out-of-bounds Read

Description

LibTIFF has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

Affected Versions

Version 4.3.0

Solution

Upgrade to version 4.4.0 or above.

Last Modified

2022-01-21

source