Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie
purl pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (6)
Vulnerability Summary Aliases
VCID-1mh3-q3y5-qyg1 Out-of-bounds Read LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. CVE-2022-1622
VCID-6kck-g3z6-cuge libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c CVE-2022-2867
VCID-72yx-48n1-jbfs Out-of-bounds Read LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. CVE-2022-1623
VCID-h9ap-xxmw-j7dr Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd. CVE-2022-1056
VCID-ruhz-ty5e-nkgr libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() CVE-2022-2869
VCID-vzr7-wz88-h7gx libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() CVE-2022-2868

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T09:37:21.040812+00:00 Debian Importer Fixing VCID-72yx-48n1-jbfs https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:35:02.458081+00:00 Debian Importer Fixing VCID-vzr7-wz88-h7gx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:53:54.085217+00:00 Debian Importer Fixing VCID-ruhz-ty5e-nkgr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:50:59.108429+00:00 Debian Importer Fixing VCID-1mh3-q3y5-qyg1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:44:07.179576+00:00 Debian Importer Fixing VCID-6kck-g3z6-cuge https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-11T18:24:19.289862+00:00 Debian Importer Fixing VCID-72yx-48n1-jbfs https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:23:01.934289+00:00 Debian Importer Fixing VCID-vzr7-wz88-h7gx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:58:16.097349+00:00 Debian Importer Fixing VCID-ruhz-ty5e-nkgr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:56:40.957921+00:00 Debian Importer Fixing VCID-1mh3-q3y5-qyg1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:52:06.889250+00:00 Debian Importer Fixing VCID-6kck-g3z6-cuge https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:55:12.974786+00:00 Debian Importer Fixing VCID-ruhz-ty5e-nkgr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:55:12.926535+00:00 Debian Importer Fixing VCID-vzr7-wz88-h7gx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:55:12.878366+00:00 Debian Importer Fixing VCID-6kck-g3z6-cuge https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:55:12.440221+00:00 Debian Importer Fixing VCID-72yx-48n1-jbfs https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:55:12.393183+00:00 Debian Importer Fixing VCID-1mh3-q3y5-qyg1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:55:12.234481+00:00 Debian Importer Fixing VCID-h9ap-xxmw-j7dr https://security-tracker.debian.org/tracker/data/json 38.1.0