CVEs on libtiff
I use alpine 3.17 and during my security scan on my product I found libtiff (4.4.0-r1) have several CVEs.
CVE list: CVE-2022-3970, CVE-2022-3598, CVE-2022-3597, CVE-2022-3626, CVE-2022-3627, CVE-2022-3599, CVE-2022-3570, CVE-2022-2953, CVE-2022-48281, CVE-2023-0796, CVE-2023-0798, CVE-2023-0800, CVE-2023-0804, CVE-2023-0803, CVE-2023-0801, CVE-2023-0799, CVE-2023-0795, CVE-2023-0797, CVE-2023-0802
If you compile libtiff from source, all the above CVEs are already been fixed. Otherwise, most of those CVEs were fixed in 4.5.0 (released 2 months ago).