CVE-2023-2908: NULL Pointer Dereference
(updated )
A null pointer dereference issue was discovered in Libtiff’s tif_dir.c file. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcp utility, which triggers runtime error, causing an undefined behavior, resulting in an application crash, eventually leading to a denial of service.
References
Detect and mitigate CVE-2023-2908 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →