发布于3月6日3月6日 Members Debian: CVE-2022-4645: tiff -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 03/07/2023 Added 03/06/2023 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. Solution(s) debian-upgrade-tiff References https://attackerkb.com/topics/cve-2022-4645 CVE - 2022-4645 DSA-5333-1
