CVE-2025-8851

Medium CVSS: 4.8

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.

Vendor

Libtiff

Product

Libtiff

CWE

CWE-119

Yayın Tarihi

2025-08-11 14:15:27

Güncelleme

2025-10-30 21:10:36

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Libtiff MEDIUM Libtiff 2025

Referanslar

http://www.libtiff.org/ https://gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3 https://vuldb.com/?ctiid.319382 https://vuldb.com/?id.319382 https://vuldb.com/?submit.624604 https://vuldb.com/?submit.624604

Benzer Kayıtlar

Medium

CVE-2025-61143

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

High

CVE-2025-61144

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Medium

CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Low

CVE-2025-9165

A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCC…

Medium

CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component…

Low

CVE-2025-8534

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2pag…