Ecosystem	Package	Version

Vulnerabilities

CVE-2025-61144

CVE-2025-61144

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Published Feb 26, 2026

https://security-tracker.debian.org/tracker/CVE-2025-61144

CVSS ScoreHigh

7.3

Ecosystem	Package	Version


conan	bincrafters/libtiff	4.0.8
conan	bincrafters/libtiff	4.0.9
conda	free/libtiff	3.9.4
conda	free/libtiff	4.0.2
conda	free/libtiff	4.0.6
conan	libtiff	4.0.8
conan	libtiff	4.0.9
conan	libtiff	4.1.0
conan	libtiff	4.2.0
conan	libtiff	4.3.0
conan	libtiff	4.4.0
conan	libtiff	4.5.0
conan	libtiff	4.5.1
conan	libtiff	4.6.0
conan	libtiff	4.7.0
rpm	libtiff	3.9.4-1.el6
rpm	libtiff	3.9.4-1.el6_0.1
rpm	libtiff	3.9.4-1.el6_0.2
rpm	libtiff	3.9.4-1.el6_0.3
rpm	libtiff	3.9.4-10.el6_5
rpm	libtiff	3.9.4-18.el6_8
rpm	libtiff	3.9.4-21.el6_8
rpm	libtiff	3.9.4-5.el6_2
rpm	libtiff	3.9.4-6.el6_3
rpm	libtiff	3.9.4-9.el6_3
rpm	libtiff	4.0.3-14.el7
rpm	libtiff	4.0.3-25.el7_2
rpm	libtiff	4.0.3-27.el7_3
rpm	libtiff	4.0.3-32.el7
rpm	libtiff	4.0.3-35.el7
rpm	libtiff	4.0.9-13.el8
rpm	libtiff	4.0.9-15.el8
rpm	libtiff	4.0.9-17.el8
rpm	libtiff	4.0.9-18.el8
rpm	libtiff	4.0.9-20.el8
rpm	libtiff	4.0.9-21.el8
rpm	libtiff	4.0.9-23.el8
rpm	libtiff	4.0.9-26.el8_7
rpm	libtiff	4.0.9-27.el8
rpm	libtiff	4.0.9-28.el8_8
rpm	libtiff	4.0.9-29.el8_8
rpm	libtiff	4.0.9-31.el8
rpm	libtiff	4.0.9-32.el8_10
rpm	libtiff	4.0.9-33.el8_10
rpm	libtiff	4.0.9-34.el8_10
rpm	libtiff	4.0.9-35.el8_10
rpm	libtiff	4.0.9-36.el8_10
rpm	libtiff	4.2.0-3.el9
rpm	libtiff	4.4.0-10.el9
rpm	libtiff	4.4.0-12.el9

CVE-2025-61144 | Components Impacted | Sonatype Guide | Sonatype Guide