Primary

Context

libtiff NULL Pointer Dereference Vulnerability in tif_open Component

Vulnerability

A NULL pointer dereference vulnerability has been identified in libtiff versions prior to 4.7.1. The issue arises in the tif_open.c component, where improper handling of TIFF directory tags can lead to a crash.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the application.

Reproduction

The vulnerability can be reproduced using the tiffcrop tool included with libtiff. The command involves specifying a crafted TIFF file that triggers the NULL pointer dereference. This can be done by using the 'tiffcrop' command with the '-D' option to set the debug level, along with the path to the crafted TIFF file that exploits the vulnerability.

Remediation

Users can upgrade to libtiff version 4.7.1 or later to address this vulnerability.

Added: Feb 23, 2026, 7:27 PM

Updated: Feb 23, 2026, 7:27 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

5.2

remediation

0.0

relevance

3.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

5.2

remediation

0.0

relevance

3.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libtiff NULL Pointer Dereference Vulnerability in tif_open Component

Vulnerability

Impact

Reproduction

Remediation

Affected Products

libtiff

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating