What the vulnerability does

01Description

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.

Key dates

02Disclosure timeline

August 31, 2022 CVE published
August 3, 2024 Record updated