Aggregates CVE and security vulnerability intelligence across all LibTIFF-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption and vendor risk input validation and related problems; some flaws may lead to vendor impact application crash, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-4775 | A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution. | [email protected] | 7.8 | 0.04% | 2026-03-24 | 2026-05-26 |
| CVE-2025-61145 | libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. | [email protected] | 5.0 | 0.02% | 2026-02-23 | 2026-02-25 |
| CVE-2025-61144 | libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. | [email protected] | 7.3 | 0.02% | 2026-02-23 | 2026-02-25 |
| CVE-2025-61143 | libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. | [email protected] | 5.5 | 0.02% | 2026-02-23 | 2026-02-25 |
| CVE-2025-9165 | A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. There is ongoing doubt regarding the real existence of this vulnerability. | [email protected] | 1.1 | 0.01% | 2025-08-19 | 2026-04-29 |
| CVE-2025-8961 | A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. | [email protected] | 1.9 | 0.06% | 2025-08-14 | 2026-04-29 |
| CVE-2025-8851 | A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue. | [email protected] | 4.8 | 0.08% | 2025-08-11 | 2025-10-30 |
| CVE-2025-8534 | A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b. It | [email protected] | 1.1 | 0.13% | 2025-08-05 | 2026-04-29 |
| CVE-2024-13978 | A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issu | [email protected] | 2.0 | 0.05% | 2025-08-01 | 2025-11-03 |
| CVE-2025-8177 | A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer. | [email protected] | 4.8 | 0.07% | 2025-07-26 | 2025-09-11 |
| CVE-2025-8176 | A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended to apply a patch to fix this issue. | [email protected] | 1.9 | 0.07% | 2025-07-26 | 2026-04-29 |
| CVE-2024-7006 | A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service. | [email protected] | 7.5 | 0.54% | 2024-08-12 | 2025-11-03 |
| CVE-2023-52356 | A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. | [email protected] | 7.5 | 0.74% | 2024-01-25 | 2026-05-12 |
| CVE-2023-52355 | An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB. | [email protected] | 7.5 | 1.35% | 2024-01-25 | 2026-02-27 |
| CVE-2023-6228 | An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. | [email protected] | 3.3 | 0.02% | 2023-12-18 | 2024-11-21 |
| CVE-2023-6277 | An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. | [email protected] | 6.5 | 3.75% | 2023-11-24 | 2024-11-21 |
| CVE-2023-3164 | A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. | [email protected] | 5.5 | 0.01% | 2023-11-02 | 2024-11-21 |
| CVE-2023-41175 | A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | [email protected] | 6.5 | 0.33% | 2023-10-05 | 2024-12-04 |
| CVE-2023-40745 | LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | [email protected] | 6.5 | 0.26% | 2023-10-05 | 2024-11-21 |
| CVE-2023-3576 | A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denial of service. | [email protected] | 5.5 | 0.03% | 2023-10-04 | 2024-11-21 |