CNNVD-202507-3372 Information

Jul 26, 2025 cve

CNNVD ID

CNNVD-202507-3372

CVE-2025-8177

CNNVD Published: 2025-07-26

Description (Chinese)

LibTIFF是LibTIFF开源的一个读写TIFF（标签图像文件格式）文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF 4.7.0及之前版本存在安全漏洞，该漏洞源于文件tools/thumbnail.c中函数setrow存在缓冲区溢出。

Description (English)

LibTIFF is a library of reading and writing TIFF files from the LibTIFF open source. The library contains a number of command line tools to process TIFF files. There is a security gap in LibTIFF 4.7.0 and earlier versions, which stems from the spilling of the buffer zone in the document ’ s tools/thumbnail.c function setrow.

Hazard Level

High

Vulnerability Type

其他

Published

2025-07-26

Last Modified

2026-02-24

References

http://www.libtiff.org/ https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22 https://gitlab.com/libtiff/libtiff/-/issues/715 https://gitlab.com/libtiff/libtiff/-/merge_requests/737 https://vuldb.com/?ctiid.317591 https://vuldb.com/?id.317591 https://vuldb.com/?submit.621797

Share on: