CNNVD-202507-3371 Information

CNNVD ID

CNNVD-202507-3371

Related CVE

CVE-2025-8176

• CNNVD Published: 2025-07-26

Description (Chinese)

LibTIFF是LibTIFF开源的一个读写TIFF（标签图像文件格式）文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF 4.7.0及之前版本存在资源管理错误漏洞，该漏洞源于文件tools/tiffmedian.c中函数get_histogram存在释放后重用。

Description (English)

LibTIFF is a library of reading and writing TIFF files from the LibTIFF open source. The library contains a number of command line tools to process TIFF files. LibTIFF 4.7.0 and previous versions contain a resource management error loophole that stems from the release reuse of the function Get histogram in filetools/tiffmedian.c.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

LibTIFF

Published

2025-07-26

Last Modified

2026-02-24

References

http://www.libtiff.org/ https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172 https://gitlab.com/libtiff/libtiff/-/issues/707 https://gitlab.com/libtiff/libtiff/-/merge_requests/727 https://vuldb.com/?ctiid.317590 https://vuldb.com/?id.317590 https://vuldb.com/?submit.621796