CNNVD-202509-3630 Information

CNNVD ID

CNNVD-202509-3630

Related CVE

CVE-2025-9900

• CNNVD Published: 2025-09-22

Description (Chinese)

LibTIFF是LibTIFF开源的一个读写TIFF（标签图像文件格式）文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF存在安全漏洞，该漏洞源于可进行任意写入操作。

Description (English)

LibTIFF is a library of reading and writing TIFF files from the LibTIFF open source. The library contains a number of command line tools to process TIFF files. There is a security loophole in LibTIFF, which stems from the ability to perform arbitrary writing operations.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Libxmp

Published

2025-09-22

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-9900 https://bugzilla.redhat.com/show_bug.cgi?id=2392784 https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file https://vigilance.fr/vulnerability/LibTIFF-memory-corruption-via-TIFFReadRGBAImageOriented-48271 https://access.redhat.com/security/cve/cve-2025-9900 https://www.oracle.com/security-alerts/cpujan2026.html