CVE-2022-4645

Out-of-bounds Read in conan/libtiff

Identifiers

CVE-2022-4645

Package Slug

conan/libtiff

Vulnerability

Out-of-bounds Read

Description

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

Affected Versions

All versions up to 4.4.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-03-09

source