VDB
JLSEC-2025-259
JLSEC-2025-259
PUBLISHED
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving...
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | Libtiff_jll | 4.3.0+0, 4.3.0+0 |
Timeline
- Nov 25, 2025 CVE Published
- Nov 25, 2025 CVE Updated
- May 1, 2026 Distribution Patch
References
- https://gitlab.com/libtiff/libtiff/-/issues/355 url
- https://gitlab.com/libtiff/libtiff/-/merge_requests/287 url
- https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html url
- https://security.gentoo.org/glsa/202210-10 url
- https://security.netapp.com/advisory/ntap-20220311-0002/ url
- https://www.debian.org/security/2022/dsa-5108 url