| 09/17/2025 | Official summary revised: An attacker with local access to a system running a vulnerable version could exploit this vulnerability to manipulate memory after it has been freed, which may lead to memory corruption, crashes, or potentially code execution depending on how the library is used within the context of the affected process. The vulnerability affects LibTIFF tools/utilities that invoke tiffmedian (or its get_histogram code path) and is particularly relevant in environments that run that tool with user-supplied or untrusted input. In containerized or production server environments the risk is considered low to medium because tiffmedian is not used. The impact, if successfully exploited, is potentially low. At best it causes application container to restart. This vulnerability mainly affects the UI related container images.As and when the upstream fix becomes available, it will be incorporated. |