Msrc Azl3 Libtiff 4.6.0-8 On Azure Linux 3.0 vulnerabilities
5 known vulnerabilities affecting msrc/azl3_libtiff_4.6.0-8_on_azure_linux_3.0.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2LOW2
Vulnerabilities
Page 1 of 1
CVE-2025-9900HIGHCVSS 8.82025-09-09
CVE-2025-9900 [HIGH] CWE-123 Libtiff: libtiff write-what-where
Libtiff: libtiff write-what-where
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed
msrc
CVE-2025-9165MEDIUMCVSS 5.52025-08-12
CVE-2025-9165 [LOW] CWE-401 LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro
msrc
CVE-2025-8851MEDIUMCVSS 5.32025-08-12
CVE-2025-8851 [MEDIUM] CWE-121 LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stack-based overflow
LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stack-based overflow
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure version
msrc
CVE-2025-8961LOWCVSS 3.32025-08-12
CVE-2025-8961 [MEDIUM] CWE-119 LibTIFF tiffcrop tiffcrop.c main memory corruption
LibTIFF tiffcrop tiffcrop.c main memory corruption
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro
msrc
CVE-2024-13978LOWCVSS 2.52025-08-12
CVE-2024-13978 [LOW] CWE-476 LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference
LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open so
msrc