Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:conan/libtiff@4.3.0
purl pkg:conan/libtiff@4.3.0
Tags Ghost
Next non-vulnerable version 4.7.0
Latest non-vulnerable version 4.7.0
Risk 4.0
Vulnerabilities affecting this package (13)
Vulnerability Summary Fixed by
VCID-1mh3-q3y5-qyg1
Aliases:
CVE-2022-1622
Out-of-bounds Read LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
4.4.0
Affected by 26 other vulnerabilities.
VCID-25fx-7kmb-fqhm
Aliases:
CVE-2022-0924
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
4.4.0
Affected by 26 other vulnerabilities.
VCID-4mq7-s2p6-yufr
Aliases:
CVE-2022-0907
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
4.4.0
Affected by 26 other vulnerabilities.
VCID-5mak-1mkk-wkdg
Aliases:
CVE-2022-0561
NULL Pointer Dereference Null source pointer passed as an argument to `memcpy()` function within `TIFFFetchStripThing()` in `tif_dirread.c` in libtiff could lead to Denial of Service via crafted TIFF file.
4.4.0
Affected by 26 other vulnerabilities.
VCID-5r1p-webw-nkcn
Aliases:
CVE-2022-1210
Uncontrolled Resource Consumption A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.
4.4.0
Affected by 26 other vulnerabilities.
VCID-72yx-48n1-jbfs
Aliases:
CVE-2022-1623
Out-of-bounds Read LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
4.4.0
Affected by 26 other vulnerabilities.
VCID-gmhp-4yx2-gfbv
Aliases:
CVE-2022-0909
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
4.4.0
Affected by 26 other vulnerabilities.
VCID-h6gn-kv5x-bbd5
Aliases:
CVE-2022-0891
Out-of-bounds Write A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out-of-bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
4.4.0
Affected by 26 other vulnerabilities.
VCID-h9ap-xxmw-j7dr
Aliases:
CVE-2022-1056
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
4.4.0
Affected by 26 other vulnerabilities.
VCID-kpq7-5vsv-pucy
Aliases:
CVE-2022-0908
NULL Pointer Dereference Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
4.4.0
Affected by 26 other vulnerabilities.
VCID-mhwh-tsst-cfaj
Aliases:
CVE-2022-22844
Out-of-bounds Read LibTIFF has an out-of-bounds read in `_TIFFmemcpy` in `tif_unix.c` in certain situations involving a custom tag and `0x0200` as the second word of the `DE` field.
4.4.0
Affected by 26 other vulnerabilities.
VCID-qsrb-hf2u-tudp
Aliases:
CVE-2022-0562
NULL Pointer Dereference Null source pointer passed as an argument to memcpy() function within `TIFFReadDirectory()` in `tif_dirread.c` in libtiff versions from to could lead to Denial of Service via a crafted TIFF file.
4.4.0
Affected by 26 other vulnerabilities.
VCID-zedn-437q-47b2
Aliases:
CVE-2022-0865
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.
4.4.0
Affected by 26 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T12:51:18.163367+00:00 GitLab Importer Fixing VCID-9gqh-2uat-93c7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2023-30774.yml 38.0.0
2026-04-01T12:50:04.493032+00:00 GitLab Importer Affected by VCID-1mh3-q3y5-qyg1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-1622.yml 38.0.0
2026-04-01T12:50:04.455745+00:00 GitLab Importer Affected by VCID-72yx-48n1-jbfs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-1623.yml 38.0.0
2026-04-01T12:49:47.345683+00:00 GitLab Importer Affected by VCID-5r1p-webw-nkcn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-1210.yml 38.0.0
2026-04-01T12:49:45.168211+00:00 GitLab Importer Affected by VCID-h9ap-xxmw-j7dr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-1056.yml 38.0.0
2026-04-01T12:49:40.447922+00:00 GitLab Importer Affected by VCID-gmhp-4yx2-gfbv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0909.yml 38.0.0
2026-04-01T12:49:40.403063+00:00 GitLab Importer Affected by VCID-25fx-7kmb-fqhm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0924.yml 38.0.0
2026-04-01T12:49:40.134559+00:00 GitLab Importer Affected by VCID-4mq7-s2p6-yufr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0907.yml 38.0.0
2026-04-01T12:49:40.057315+00:00 GitLab Importer Affected by VCID-kpq7-5vsv-pucy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0908.yml 38.0.0
2026-04-01T12:49:39.588185+00:00 GitLab Importer Affected by VCID-zedn-437q-47b2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0865.yml 38.0.0
2026-04-01T12:49:39.548467+00:00 GitLab Importer Affected by VCID-h6gn-kv5x-bbd5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0891.yml 38.0.0
2026-04-01T12:49:33.057585+00:00 GitLab Importer Affected by VCID-5mak-1mkk-wkdg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0561.yml 38.0.0
2026-04-01T12:49:33.016312+00:00 GitLab Importer Affected by VCID-qsrb-hf2u-tudp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-0562.yml 38.0.0
2026-04-01T12:49:16.129809+00:00 GitLab Importer Affected by VCID-mhwh-tsst-cfaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libtiff/CVE-2022-22844.yml 38.0.0