VYPR

rpm package

opensuse/tiff&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/tiff&distro=openSUSE%20Leap%2016.0

Vulnerabilities (7)

  • CVE-2025-9900HigSep 23, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing

  • CVE-2025-9165LowAug 19, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This

  • CVE-2025-8961LowAug 14, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and c

  • CVE-2025-8534LowAug 5, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local hos

  • CVE-2024-13978Aug 1, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to b

  • CVE-2025-8176MedJul 26, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disc

  • CVE-2025-8177Jul 26, 2025
    affected < 4.7.1-160000.1.1fixed 4.7.1-160000.1.1

    A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58