CLSA-2025-1745271345
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1745271345.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1745271345
- Upstream
- Published
- 2025-04-21T21:35:50Z
- Modified
- 2026-06-01T00:30:41.469525818Z
- Summary
- libtiff: Fix of 3 CVEs
- Details
-
- CVE-2023-3316: avoid NULL pointer dereference in TIFFClose() when output file fails to open due to invalid path or permissions
- CVE-2023-3618: handle errors from writeSelections() to prevent buffer overflow in Fax3Encode() and potential DoS
- CVE-2023-3576: resolve memory leak in tiffcrop.c to prevent potential DoS via crafted TIFF file
- References
Affected packages
TuxCare:AlmaLinux:9.2 / libtiff
Package
- Name
- libtiff
- Purl
- pkg:rpm/tuxcare/libtiff?distro=almalinux-9.2
TuxCare:AlmaLinux:9.2 / libtiff-devel
Package
- Name
- libtiff-devel
- Purl
- pkg:rpm/tuxcare/libtiff-devel?distro=almalinux-9.2
TuxCare:AlmaLinux:9.2 / libtiff-static
Package
- Name
- libtiff-static
- Purl
- pkg:rpm/tuxcare/libtiff-static?distro=almalinux-9.2