← back
CVE-2022-2868

CVE-2022-2868

EPSS 0.3%CWE-20
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
Affected products
n/a · libtiff

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=2118863https://lists.debian.org/debian-lts-announce/2023/01/msg00018.htmlhttps://www.debian.org/security/2023/dsa-5333