CVE-2025-61145

Опубликовано: 23 фев. 2026

Источник: debian

EPSS Низкий

Описание

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.7.1-1		package

https://gitlab.com/libtiff/libtiff/-/issues/736
https://gitlab.com/libtiff/libtiff/-/merge_requests/753
Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/0ac97aa7a5bffddd88f7cdbe517264e9db3f5bd5 (v4.7.1rc1)
Crash in CLI tool, no security impact

EPSS

Процентиль: 2%

0.00013

Низкий

CVE-2025-61145

CVSS3: 5

ubuntu

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

CVE-2025-61145

CVSS3: 5

redhat

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

CVE-2025-61145

CVSS3: 5

nvd

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

CVE-2025-61145

msrc

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

GHSA-5jj2-qhxw-rpq6

CVSS3: 5

github

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

EPSS

Процентиль: 2%

0.00013

Низкий