{"url":"http://public2.vulnerablecode.io/api/packages/93647?format=json","purl":"pkg:rpm/redhat/libtiff-main@4.7.1-2.1?arch=hum1","type":"rpm","namespace":"redhat","name":"libtiff-main","version":"4.7.1-2.1","qualifiers":{"arch":"hum1"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66699?format=json","vulnerability_id":"VCID-6hf4-rc1a-pbg6","summary":"libtiff: libtiff: Denial of Service via NULL pointer dereference in tif_open.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61143.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61143","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03105","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03189","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03197","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0315","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03131","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441978","reference_id":"2441978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441978"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/737","reference_id":"737","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:23:47Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/issues/737"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/755","reference_id":"755","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:23:47Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/755"},{"reference_url":"https://gist.github.com/optionGo/9c024cd8e7b131463b84dc60af9bb0aa","reference_id":"9c024cd8e7b131463b84dc60af9bb0aa","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:23:47Z/"}],"url":"https://gist.github.com/optionGo/9c024cd8e7b131463b84dc60af9bb0aa"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"},{"reference_url":"https://usn.ubuntu.com/8113-1/","reference_id":"USN-8113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8113-1/"}],"fixed_packages":[],"aliases":["CVE-2025-61143"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hf4-rc1a-pbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66698?format=json","vulnerability_id":"VCID-92dt-g6m8-fufk","summary":"libtiff: libtiff: Denial of Service via buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61144.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61144","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10661","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10734","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10758","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10723","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10641","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617f26d","reference_id":"09f53a86cf26dfd961925227e59e180db617f26d","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T14:26:52Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617f26d"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441977","reference_id":"2441977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441977"},{"reference_url":"https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952","reference_id":"5ad17e96a0a40f03578dd6c9f8645952","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T14:26:52Z/"}],"url":"https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/740","reference_id":"740","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T14:26:52Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/issues/740"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/757","reference_id":"757","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T14:26:52Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/757"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa","reference_id":"88cf9dbb48f6e172629795ecffae35d5052f68aa","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T14:26:52Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"},{"reference_url":"https://usn.ubuntu.com/8113-1/","reference_id":"USN-8113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8113-1/"}],"fixed_packages":[],"aliases":["CVE-2025-61144"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92dt-g6m8-fufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74631?format=json","vulnerability_id":"VCID-d4hm-me5r-g7ck","summary":"libtiff: Libtiff Write-What-Where","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9900.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9900","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12041","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11929","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12003","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12045","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16881","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9900"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392784","reference_id":"2392784","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392784"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/704","reference_id":"704","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/issues/704"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/732","reference_id":"732","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/732"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9","reference_id":"cpe:/a:redhat:ai_inference_server:3.2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9","reference_id":"cpe:/a:redhat:discovery:2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-9900","reference_id":"CVE-2025-9900","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-9900"},{"reference_url":"https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file","reference_id":"LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17651","reference_id":"RHSA-2025:17651","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17675","reference_id":"RHSA-2025:17675","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17710","reference_id":"RHSA-2025:17710","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17738","reference_id":"RHSA-2025:17738","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17739","reference_id":"RHSA-2025:17739","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17740","reference_id":"RHSA-2025:17740","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19113","reference_id":"RHSA-2025:19113","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19156","reference_id":"RHSA-2025:19156","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19276","reference_id":"RHSA-2025:19276","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19906","reference_id":"RHSA-2025:19906","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19947","reference_id":"RHSA-2025:19947","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20956","reference_id":"RHSA-2025:20956","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20998","reference_id":"RHSA-2025:20998","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21060","reference_id":"RHSA-2025:21060","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21061","reference_id":"RHSA-2025:21061","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21062","reference_id":"RHSA-2025:21062","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21407","reference_id":"RHSA-2025:21407","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21506","reference_id":"RHSA-2025:21506","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21507","reference_id":"RHSA-2025:21507","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21508","reference_id":"RHSA-2025:21508","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0001","reference_id":"RHSA-2026:0001","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0076","reference_id":"RHSA-2026:0076","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0077","reference_id":"RHSA-2026:0077","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0078","reference_id":"RHSA-2026:0078","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7504"},{"reference_url":"https://usn.ubuntu.com/7783-1/","reference_id":"USN-7783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7783-1/"},{"reference_url":"https://usn.ubuntu.com/8345-1/","reference_id":"USN-8345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8345-1/"},{"reference_url":"https://usn.ubuntu.com/8346-1/","reference_id":"USN-8346-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8346-1/"},{"reference_url":"https://usn.ubuntu.com/8347-1/","reference_id":"USN-8347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8347-1/"},{"reference_url":"https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html","reference_id":"v4.7.1.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T03:55:16Z/"}],"url":"https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"}],"fixed_packages":[],"aliases":["CVE-2025-9900"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4hm-me5r-g7ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66697?format=json","vulnerability_id":"VCID-fbks-9s7e-wfcj","summary":"libtiff: libtiff: Denial of service via double free in tiffcrop.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61145.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61145","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03045","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03142","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03152","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03099","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0308","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61145"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gist.github.com/optionGo/062f109569196dbffd8ac12020b42289","reference_id":"062f109569196dbffd8ac12020b42289","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:28:55Z/"}],"url":"https://gist.github.com/optionGo/062f109569196dbffd8ac12020b42289"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441975","reference_id":"2441975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441975"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/736","reference_id":"736","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:28:55Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/issues/736"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/753","reference_id":"753","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:28:55Z/"}],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"}],"fixed_packages":[],"aliases":["CVE-2025-61145"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbks-9s7e-wfcj"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libtiff-main@4.7.1-2.1%3Farch=hum1"}