Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4
purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (16)
Vulnerability Summary Aliases
VCID-38sj-85gt-sfhe Out-of-bounds Write A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. CVE-2023-3164
VCID-4mhv-7vrm-v7hv Out-of-bounds Read A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. CVE-2023-1916
VCID-7zdy-fxq2-p7gf libtiff: libtiff: Denial of service via double free in tiffcrop.c CVE-2025-61145
VCID-9grz-pkwb-3kc5 libtiff: libtiff: Denial of Service via buffer overflow CVE-2025-61144
VCID-a8jf-xmj8-cuh6 This advisory is a False-Positive and has been removed as it only impacted documentation. CVE-2023-52355
VCID-b4hb-cxzy-suck libtiff: LibTIFF Null Pointer Dereference CVE-2024-13978
VCID-d8kh-h6vs-gqd4 libtiff: LibTIFF memory corruption CVE-2025-8961
VCID-dg96-zmw1-8kcp libtiff: Libtiff Null Pointer Dereference Vulnerability CVE-2025-8534
VCID-ndc5-qn5u-3qbq libtiff: LibTIFF Stack-based buffer overflow CVE-2025-8851
VCID-r186-xqyn-ffey libtiff: libtiff: Denial of Service via NULL pointer dereference in tif_open.c CVE-2025-61143
VCID-rp7t-x7gz-9udg libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c CVE-2023-6228
VCID-sqxq-hg7v-d7gv libtiff: LibTIFF Buffer Overflow CVE-2025-8177
VCID-ttb7-w41r-4kfn libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775
VCID-ukgj-45m7-6uba libtiff: Out-of-memory in TIFFOpen via a craft file CVE-2023-6277
VCID-vju4-pghv-47bx libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176
VCID-yfxw-tmnn-byc6 libtiff: LibTIFF memory leak CVE-2025-9165

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-19T05:21:57.732620+00:00 Debian Importer Fixing VCID-7zdy-fxq2-p7gf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T05:16:59.518379+00:00 Debian Importer Fixing VCID-ttb7-w41r-4kfn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T04:21:11.093885+00:00 Debian Importer Fixing VCID-vju4-pghv-47bx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T04:12:24.573504+00:00 Debian Importer Fixing VCID-b4hb-cxzy-suck https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T04:11:08.633095+00:00 Debian Importer Fixing VCID-9grz-pkwb-3kc5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T04:07:55.455687+00:00 Debian Importer Fixing VCID-a8jf-xmj8-cuh6 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T04:02:18.987130+00:00 Debian Importer Fixing VCID-d8kh-h6vs-gqd4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T03:58:40.165250+00:00 Debian Importer Fixing VCID-38sj-85gt-sfhe https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T03:27:24.701900+00:00 Debian Importer Fixing VCID-rp7t-x7gz-9udg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T03:26:30.638500+00:00 Debian Importer Fixing VCID-r186-xqyn-ffey https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T02:59:59.987682+00:00 Debian Importer Fixing VCID-dg96-zmw1-8kcp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T02:30:28.230010+00:00 Debian Importer Fixing VCID-ndc5-qn5u-3qbq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T02:26:43.161234+00:00 Debian Importer Fixing VCID-sqxq-hg7v-d7gv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T02:20:50.050952+00:00 Debian Importer Fixing VCID-ukgj-45m7-6uba https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T02:19:49.927179+00:00 Debian Importer Fixing VCID-4mhv-7vrm-v7hv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-19T02:16:55.885131+00:00 Debian Importer Fixing VCID-yfxw-tmnn-byc6 https://security-tracker.debian.org/tracker/data/json 38.4.0