CVE-2022-34526: Out-of-bounds Write

July 29, 2022 (updated November 9, 2023)

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file.

References

gitlab.com/libtiff/libtiff/-/issues/433
nvd.nist.gov/vuln/detail/CVE-2022-34526

Detect and mitigate CVE-2022-34526 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →