JLSEC-2025-322 A weakness has been identified in LibTIFF 4.7.0

🗓️ 25 Nov 2025 22:18:43Reported by GoogleType

osv🔗 osv.dev👁 2 Views

A vulnerability in LibTIFF 4.7.0 affects tiffcrop main function; local memory corruption exploit is publicly available.

Reporter	Title	Published	Views	Family All 83
Tenable Nessus	Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2025-1212)	15 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libtiff, --advisory ALAS2-2025-3019 (ALAS-2025-3019)	15 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2025-3039 (ALAS-2025-3039)	28 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2026-3194 (ALAS-2026-3194)	19 Mar 202600:00	–	nessus
Tenable Nessus	Fedora 43 : tkimg (2025-13b23a6952)	28 Dec 202500:00	–	nessus
Tenable Nessus	Fedora 42 : tkimg (2025-419c60783f)	28 Dec 202500:00	–	nessus
Tenable Nessus	Fedora 44 : libtiff (2025-bc6408ea0e)	24 Sep 202500:00	–	nessus
Tenable Nessus	openSUSE 16 Security Update : tiff (openSUSE-SU-2025-20049-1)	24 Nov 202500:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2025:03345-1)	25 Sep 202500:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : tiff (SUSE-SU-2025:03346-1)	25 Sep 202500:00	–	nessus

Source	Link
libtiff	www.libtiff.org/
drive	www.drive.google.com/file/d/15L4q2eD8GX3Aj3z6SWC3_FbqaM1ChUx2/view
gitlab	www.gitlab.com/libtiff/libtiff/-/issues/721
gitlab	www.gitlab.com/libtiff/libtiff/-/issues/721
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

25 Nov 2025 22:48Current

6.5Medium risk

Vulners AI Score6.5

CVSS 21.7

CVSS 3.13.3

CVSS 44.8

CVSS 33.3

EPSS0.00055

SSVC