发布于3月6日3月6日 Members Ubuntu: (CVE-2022-4645): tiff vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/03/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. Solution(s) ubuntu-pro-upgrade-tiff References https://attackerkb.com/topics/cve-2022-4645 CVE - 2022-4645 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json https://www.cve.org/CVERecord?id=CVE-2022-4645
