The version of libtiff installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6277 advisory. An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API May allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. (CVE-2023-6277) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More