CVE-2025-61144
- Source
- https://cve.org/CVERecord?id=CVE-2025-61144
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-61144.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-61144
- Downstream
- Related
- Published
- 2026-02-23T00:00:00Z
- Modified
- 2026-05-19T12:03:18.281329088Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
- Database specific
{ "cna_assigner": "mitre", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/61xxx/CVE-2025-61144.json" }- References
-
- https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/61xxx/CVE-2025-61144.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-61144
- https://gitlab.com/libtiff/libtiff/-/issues/740
- https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617f26d
- https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa
- https://gitlab.com/libtiff/libtiff/-/merge_requests/757
Affected packages
Git / gitlab.com/libtiff/libtiff
Affected versions
v3.*
v3.5.3
v3.5.4
v3.5.5
v3.5.7
v3.6.0
v3.6.0beta2
v3.6.1
v3.7.0
v3.7.0alpha
v3.7.0beta
v3.7.0beta2
v3.7.1
v3.7.2
v3.7.3
v3.7.4
v3.8.0
v3.8.1
v3.8.2
v4.*
v4.0.0
v4.0.0alpha
v4.0.0alpha4
v4.0.0alpha5
v4.0.0alpha6
v4.0.0beta7
v4.0.1
v4.0.10
v4.0.2
v4.0.3
v4.0.4
v4.0.4beta
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.1.0
v4.2.0
v4.3.0
v4.3.0rc1
v4.4.0
v4.4.0rc1
v4.5.0
v4.5.0rc2
v4.5.0rc3
v4.5.1
v4.5.1rc1
v4.5.1rc2
v4.5.1rc3
v4.6.0rc1
v4.7.0
v4.7.0rc1
v4.7.0rc2