CVE-2023-26966: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
(updated )
libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian.
References
Detect and mitigate CVE-2023-26966 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →