CVE-2025-61144

Опубликовано: 23 фев. 2026

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

EPSS Низкий

Описание

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Ссылки

https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952
Third Party Advisory
https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617f26d
Patch
https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa
Patch
https://gitlab.com/libtiff/libtiff/-/issues/740
Exploit
Issue Tracking
https://gitlab.com/libtiff/libtiff/-/merge_requests/757
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Версия до 4.7.1 (исключая)

EPSS

Процентиль: 9%

0.0003

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-119

Связанные уязвимости

CVE-2025-61144

CVSS3: 7.3

ubuntu

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

CVE-2025-61144

CVSS3: 5

redhat

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

CVE-2025-61144

CVSS3: 9.8

msrc

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

CVE-2025-61144

CVSS3: 7.3

debian

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a stack overflow via th ...

GHSA-m6xw-mq4p-x7xv

CVSS3: 7.3

github

около 1 месяца назад

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

EPSS

Процентиль: 9%

0.0003

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-119