CVE-2025-61145

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-61145

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-61145.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-61145

Downstream

BELL-CVE-2025-61145

DEBIAN-CVE-2025-61145

ECHO-400a-de0a-4538

MINI-vq32-jg85-wvfw

OESA-2026-1441

OESA-2026-1442

ROOT-OS-DEBIAN-11-CVE-2025-61145

ROOT-OS-DEBIAN-12-CVE-2025-61145

ROOT-OS-DEBIAN-13-CVE-2025-61145

UBUNTU-CVE-2025-61145

Published

2026-02-23T19:22:56.757Z

Modified

2026-03-14T15:04:50.203142Z

Severity

5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

References

Affected packages

Git / gitlab.com/libtiff/libtiff

Affected ranges

Type

GIT

Repo

https://gitlab.com/libtiff/libtiff

Events

Introduced

Fixed

5fe20d0e9aba49a6a350ed533459d1505203838f

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.7.1"
        }
    ]
}

Affected versions

v3.*

v3.5.3

v3.5.4

v3.5.5

v3.5.7

v3.6.0

v3.6.0beta2

v3.6.1

v3.7.0

v3.7.0alpha

v3.7.0beta

v3.7.0beta2

v3.7.1

v3.7.2

v3.7.3

v3.7.4

v3.8.0

v3.8.1

v3.8.2

v4.*

v4.0.0

v4.0.0alpha

v4.0.0alpha4

v4.0.0alpha5

v4.0.0alpha6

v4.0.0beta7

v4.0.1

v4.0.10

v4.0.2

v4.0.3

v4.0.4

v4.0.4beta

v4.0.5

v4.0.6

v4.0.7

v4.0.8

v4.0.9

v4.1.0

v4.2.0

v4.3.0

v4.3.0rc1

v4.4.0

v4.4.0rc1

v4.5.0

v4.5.0rc1

v4.5.0rc2

v4.5.0rc3

v4.5.1

v4.5.1rc1

v4.5.1rc2

v4.5.1rc3

v4.6.0

v4.6.0rc1

v4.6.0rc2

v4.7.0

v4.7.0rc1

v4.7.0rc2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-61145.json"