Ecosystem	Package	Version

Vulnerabilities

CVE-2025-61145

CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Published Feb 26, 2026

https://gist.github.com/optionGo/062f109569196dbffd8ac12020b42289 https://gitlab.com/libtiff/libtiff/-/issues/736

CVSS ScoreMedium

5.0

Ecosystem	Package	Version


conan	bincrafters/libtiff	4.0.8
conan	bincrafters/libtiff	4.0.9
conda	free/libtiff	3.9.4
conda	free/libtiff	4.0.2
conda	free/libtiff	4.0.6
rpm	libtiff	3.9.4-1.el6
rpm	libtiff	3.9.4-1.el6_0.1
rpm	libtiff	3.9.4-1.el6_0.2
rpm	libtiff	3.9.4-1.el6_0.3
rpm	libtiff	3.9.4-10.el6_5
rpm	libtiff	3.9.4-18.el6_8
rpm	libtiff	3.9.4-21.el6_8
rpm	libtiff	3.9.4-5.el6_2
rpm	libtiff	3.9.4-6.el6_3
rpm	libtiff	3.9.4-9.el6_3
rpm	libtiff	4.0.3-14.el7
rpm	libtiff	4.0.3-25.el7_2
rpm	libtiff	4.0.3-27.el7_3
rpm	libtiff	4.0.3-32.el7
rpm	libtiff	4.0.3-35.el7
rpm	libtiff	4.0.9-13.el8
rpm	libtiff	4.0.9-15.el8
rpm	libtiff	4.0.9-17.el8
rpm	libtiff	4.0.9-18.el8
rpm	libtiff	4.0.9-20.el8
rpm	libtiff	4.0.9-21.el8
rpm	libtiff	4.0.9-23.el8
rpm	libtiff	4.0.9-26.el8_7
rpm	libtiff	4.0.9-27.el8
rpm	libtiff	4.0.9-28.el8_8
rpm	libtiff	4.0.9-29.el8_8
rpm	libtiff	4.0.9-31.el8
rpm	libtiff	4.0.9-32.el8_10
rpm	libtiff	4.0.9-33.el8_10
rpm	libtiff	4.0.9-34.el8_10
rpm	libtiff	4.0.9-35.el8_10
rpm	libtiff	4.0.9-36.el8_10
rpm	libtiff	4.2.0-3.el9
rpm	libtiff	4.4.0-10.el9
rpm	libtiff	4.4.0-12.el9
rpm	libtiff	4.4.0-12.el9_4.1
rpm	libtiff	4.4.0-13.el9_6.2
rpm	libtiff	4.4.0-2.el9
rpm	libtiff	4.4.0-5.el9_1
rpm	libtiff	4.4.0-7.el9
rpm	libtiff	4.4.0-8.el9_2
rpm	libtiff	4.6.0-4.el10
rpm	libtiff	4.6.0-5.el10
rpm	libtiff	4.6.0-6.el10
rpm	libtiff	4.6.0-6.el10_0.1

CVE-2025-61145 | Components Impacted | Sonatype Guide | Sonatype Guide