CVE-2025-8851
Published: November 8, 2025
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.
MEDIUM
CVSS v3: 5.3
CVSS v3: 5.3
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 0.0.0.1 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 25.3 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 25.2 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 25.1.1 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 25.1 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 24.4 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 24.4.0 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 24.3 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 24.2.1 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 24.2 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 24.1 | libtiff (4.6.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 23.3 | libtiff (4.5.1) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 23.2.1 | libtiff (4.3.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 23.2 | libtiff (4.3.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 23.1 | libtiff (4.3.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 22.4 | libtiff (4.3.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 22.3 | libtiff (4.3.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 22.2 | libtiff (4.3.0) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 22.1 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.11.1 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.11 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.8.1 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.8 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.5.1 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.5.0 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 21.2.0 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.20 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.19.3667 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.18.3599 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.17 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.16.3445 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.15.3368 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.14.3263 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.13.3179 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.12.3054 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.11.3040 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.11.2990 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.10.2934 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.9.2878 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
| 11.4.8.2822 | libtiff (4.0.8) | Not Affected | Code Not Present | Vulnerability is in tiff CLI tool tiffcrop; code is not compiled into Document Filters. |
Severity score breakdown
Attack Complexity
LOW
Attack Vector
LOCAL
Availability Impact
LOW
Base Score
5.3
Base Severity
MEDIUM
Confidentiality Impact
LOW
Integrity Impact
LOW
Privileges Required
LOW
Scope
UNCHANGED
User Interaction
NONE
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Version
3.1