CNNVD-202508-1636 Information

CNNVD ID

CNNVD-202508-1636

Related CVE

CVE-2025-8961

• CNNVD Published: 2025-08-14

Description (Chinese)

LibTIFF是LibTIFF开源的一个读写TIFF（标签图像文件格式）文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF 4.7.0版本存在缓冲区错误漏洞，该漏洞源于文件tiffcrop.c的错误操作导致内存损坏。

Description (English)

LibTIFF is a library of reading and writing TIFF files from the LibTIFF open source. The library contains a number of command line tools to process TIFF files. Version 4.7.0 of LibTIFF contains an error loophole in the buffer zone, which arises from the error of document tiffcrop.c, resulting in memory damage.

Hazard Level

Critical

Vulnerability Type

缓冲区错误

Affected Vendor

LibTIFF

Published

2025-08-14

Last Modified

2026-02-24

References

https://vuldb.com/?submit.627957 https://vuldb.com/?id.319955 https://vuldb.com/?ctiid.319955 https://gitlab.com/libtiff/libtiff/-/issues/721#note_2670686960 https://drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view?usp=sharing http://www.libtiff.org/ https://nvd.nist.gov/vuln/detail/CVE-2025-8961