VYPR

rpm package

suse/tiff&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (9)

  • CVE-2025-61144Feb 23, 2026
    affected < 4.0.9-44.109.1fixed 4.0.9-44.109.1

    libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

  • CVE-2025-61143Feb 23, 2026
    affected < 4.0.9-44.109.1fixed 4.0.9-44.109.1

    libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

  • CVE-2025-9900HigSep 23, 2025
    affected < 4.0.9-44.97.1fixed 4.0.9-44.97.1

    A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing

  • CVE-2025-9165LowAug 19, 2025
    affected < 4.0.9-44.94.1fixed 4.0.9-44.94.1

    A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This

  • CVE-2025-8961LowAug 14, 2025
    affected < 4.0.9-44.94.1fixed 4.0.9-44.94.1

    A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and c

  • CVE-2025-8851Aug 11, 2025
    affected < 4.0.9-44.106.1fixed 4.0.9-44.106.1

    A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attac

  • CVE-2025-8534LowAug 5, 2025
    affected < 4.0.9-44.94.1fixed 4.0.9-44.94.1

    A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local hos

  • CVE-2025-8176MedJul 26, 2025
    affected < 4.0.9-44.89.1fixed 4.0.9-44.89.1

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disc

  • CVE-2025-8177Jul 26, 2025
    affected < 4.0.9-44.89.1fixed 4.0.9-44.89.1

    A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58