libtiff.so is vulnerable to denial of service. The vulnerability exists in tiffcrop.c
due to improper input validation leading to out of bounds reads and writes which allows an attacker to send crated tiff files causing an application crash.
access.redhat.com/security/cve/cve-2022-2868
bugzilla.redhat.com/show_bug.cgi?id=2118863
github.com/advisories/GHSA-8rfm-2x4g-8xh5
gitlab.com/libtiff/libtiff/-/issues/335
gitlab.com/libtiff/libtiff/-/merge_requests/294/diffs?commit_id=b258ed69a485a9cfb299d9f060eb2a46c54e5903
lists.debian.org/debian-lts-announce/2023/01/msg00018.html
www.debian.org/security/2023/dsa-5333