CVE-2025-61143

Опубликовано: 23 фев. 2026

Источник: debian

EPSS Низкий

Описание

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.7.1-1		package

https://gitlab.com/libtiff/libtiff/-/issues/737
https://gitlab.com/libtiff/libtiff/-/merge_requests/755
Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/4d28af5fe61b1760f10981f5072ff1e6fd44f210 (v4.7.1rc1)
Crash in CLI tool, no security impact

EPSS

Процентиль: 2%

0.00012

Низкий

CVE-2025-61143

CVSS3: 5.5

ubuntu

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

CVE-2025-61143

CVSS3: 5.5

redhat

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

CVE-2025-61143

CVSS3: 5.5

nvd

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

CVE-2025-61143

CVSS3: 5.5

msrc

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

GHSA-p884-v7p5-5858

CVSS3: 5.5

github

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

EPSS

Процентиль: 2%

0.00012

Низкий