Vulnerability Description
A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libtiff | Libtiff | <= 4.7.0 |
Related Weaknesses (CWE)
References
- http://www.libtiff.org/Product
- https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfPatch
- https://gitlab.com/libtiff/libtiff/-/issues/715ExploitIssue TrackingVendor Advisory
- https://gitlab.com/libtiff/libtiff/-/merge_requests/737Product
- https://vuldb.com/?ctiid.317591Permissions RequiredVDB Entry
- https://vuldb.com/?id.317591Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.621797Third Party AdvisoryVDB Entry
- https://gitlab.com/libtiff/libtiff/-/issues/715ExploitIssue TrackingVendor Advisory
- https://vuldb.com/?submit.621797Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-8177?
CVE-2025-8177 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An att...
How severe is CVE-2025-8177?
CVE-2025-8177 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-8177?
Check the references section above for vendor advisories and patch information. Affected products include: Libtiff Libtiff.