libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause denial-of-service conditions via an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c
through a crafted tiff
file.
CPE | Name | Operator | Version |
---|---|---|---|
libtiff.so | le | 4.2.1 | |
libtiff.so | le | 4.2.1 |
gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json
gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a
gitlab.com/libtiff/libtiff/-/issues/410
lists.fedoraproject.org/archives/list/[email protected]/message/C7IWZTB4J2N4F5OR5QY4VHDSKWKZSWN3/
lists.fedoraproject.org/archives/list/[email protected]/message/UXAFOP6QQRNZD3HPZ6BMCEZZOM4YIZMK/
security.gentoo.org/glsa/202210-10
security.netapp.com/advisory/ntap-20220616-0005/
www.debian.org/security/2023/dsa-5333