CVE-2025-61144

High CVSS: 7.3

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Vendor

Product

CWE

Yayın Tarihi

2026-02-23 19:22:56

Güncelleme

2026-02-25 15:20:50

Source Identifier

cve@mitre.org

KEV Date Added

CWE-119 Libtiff HIGH Libtiff 2026

https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952 https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617f26d https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa https://gitlab.com/libtiff/libtiff/-/issues/740 https://gitlab.com/libtiff/libtiff/-/merge_requests/757

Medium

CVE-2025-61143

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

Medium

CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Low

CVE-2025-9165

A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCC…

Medium

CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component…

Medium

CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffe…

Low

CVE-2025-8534

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2pag…