Updated: 2026-02-27 04:32:53.552789
Description:
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | libtiff | 4.4.0 | 5.5 | MEDIUM | Needs Triage | 2026-02-25 07:44:56 | ||
| CentOS 7 ELS | libtiff | 4.0.3 | 5.5 | MEDIUM | Ignored | 2026-02-26 03:35:04 | This issue is a local, user‑interaction‑dependent NULL pointer dereference in libtiff’s tif_op... | |
| Oracle Linux 7 ELS | libtiff | 4.0.3 | 5.5 | MEDIUM | Ignored | 2026-02-26 03:35:04 | This issue is a local, user‑interaction‑dependent NULL pointer dereference in libtiff’s tif_op... | |
| TuxCare 9.6 ESU | libtiff | 4.4.0 | 5.5 | MEDIUM | In Testing | 2026-03-03 10:26:14 |