{"id":"JLSEC-2025-318","summary":"A vulnerability was found in LibTIFF up to 4.7.0","details":"A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.","modified":"2025-11-25T22:48:28.522265Z","published":"2025-11-25T22:18:43.603Z","upstream":["CVE-2025-8177"],"database_specific":{"license":"CC-BY-4.0","sources":[{"id":"CVE-2025-8177","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-8177","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-8177","imported":"2025-11-25T21:56:30.674Z","published":"2025-07-26T04:16:10.983Z","modified":"2025-09-11T16:57:45.093Z"}]},"references":[{"type":"WEB","url":"http://www.libtiff.org/"},{"type":"WEB","url":"https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22"},{"type":"WEB","url":"https://gitlab.com/libtiff/libtiff/-/issues/715"},{"type":"WEB","url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/737"},{"type":"WEB","url":"https://vuldb.com/?ctiid.317591"},{"type":"WEB","url":"https://vuldb.com/?id.317591"},{"type":"WEB","url":"https://vuldb.com/?submit.621797"}],"affected":[{"package":{"name":"Libtiff_jll","ecosystem":"Julia","purl":"pkg:julia/Libtiff_jll?uuid=89763e89-9b03-5906-acba-b20f662cd828"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"4.7.2+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-318.json"}}],"schema_version":"1.7.3"}