VYPR

rpm package

almalinux/mingw32-libtiff-static

pkg:rpm/almalinux/mingw32-libtiff-static

Vulnerabilities (3)

  • CVE-2026-4775HigMar 24, 2026
    affected < 4.0.9-4.el8_10fixed 4.0.9-4.el8_10

    A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer

  • CVE-2025-9900HigSep 23, 2025
    affected < 4.0.9-3.el8_10fixed 4.0.9-3.el8_10

    A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing

  • CVE-2025-8176MedJul 26, 2025
    affected < 4.0.9-3.el8_10fixed 4.0.9-3.el8_10

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disc