VYPR

rpm package

almalinux/compat-libtiff3

pkg:rpm/almalinux/compat-libtiff3

Vulnerabilities (2)

  • CVE-2026-4775HigMar 24, 2026
    affected < 3.9.4-15.el8_10fixed 3.9.4-15.el8_10

    A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer

  • CVE-2025-9900HigSep 23, 2025
    affected < 3.9.4-14.el8_10fixed 3.9.4-14.el8_10

    A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing