CVE-2025-8176

Medium CVSS: 4.8

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended to apply a patch to fix this issue.

Vendor

Libtiff

Product

Libtiff

CWE

CWE-119

Yayın Tarihi

2025-07-26 04:16:10

Güncelleme

2025-09-11 16:58:39

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Libtiff MEDIUM Libtiff 2025

Referanslar

http://www.libtiff.org/ https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172 https://gitlab.com/libtiff/libtiff/-/issues/707 https://gitlab.com/libtiff/libtiff/-/merge_requests/727 https://vuldb.com/?ctiid.317590 https://vuldb.com/?id.317590 https://vuldb.com/?submit.621796

Benzer Kayıtlar

Medium

CVE-2025-61143

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

High

CVE-2025-61144

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Medium

CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Low

CVE-2025-9165

A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCC…

Medium

CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component…

Medium

CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffe…