Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. (CVE-2022-3570)
It was discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted tiff file and potentially use this issue to cause a denial of service. (CVE-2022-3598)
{ "binaries": [ { "binary_name": "libtiff-doc", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff-opengl", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff-opengl-dbgsym", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff-tools", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff-tools-dbgsym", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff5", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff5-dbgsym", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiff5-dev", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiffxx5", "binary_version": "4.0.6-1ubuntu0.8+esm6" }, { "binary_name": "libtiffxx5-dbgsym", "binary_version": "4.0.6-1ubuntu0.8+esm6" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }