CVE-2023-26965 Information

Description

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

Reference

https://gitlab.com/libtiff/libtiff/-/merge_requests/472