VDB
DEBIAN-CVE-2025-8177
DEBIAN-CVE-2025-8177
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | tiff | 4.5.1~rc3-1, 4.5.1+git230720, 4.5.1+git230720 |
| Debian:13 | tiff | 4.7.0-3, 0, 4.7.0-4 |
| Debian:11 | tiff | 4.3.0-2, 4.3.0-3, 4.3.0-4 |
| Debian:14 | tiff | 4.7.0-5, 4.7.0-4, 4.7.0-3 |
Timeline
- Jul 26, 2025 CVE Published
- Apr 28, 2026 CVE Updated