rpm package
almalinux/mingw32-libtiff-static
pkg:rpm/almalinux/mingw32-libtiff-static
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-4775 | Hig | 7.8 | < 4.0.9-4.el8_10 | 4.0.9-4.el8_10 | Mar 24, 2026 | A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer | |
| CVE-2025-9900 | Hig | 8.8 | < 4.0.9-3.el8_10 | 4.0.9-3.el8_10 | Sep 23, 2025 | A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing | |
| CVE-2025-8176 | Med | 5.3 | < 4.0.9-3.el8_10 | 4.0.9-3.el8_10 | Jul 26, 2025 | A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disc |
- affected < 4.0.9-4.el8_10fixed 4.0.9-4.el8_10
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer
- affected < 4.0.9-3.el8_10fixed 4.0.9-3.el8_10
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing
- affected < 4.0.9-3.el8_10fixed 4.0.9-3.el8_10
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disc