CVE-2026-12912
ADVISORY - debian
Summary
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-based buffer overflow. This could potentially result in arbitrary code execution or a denial of service (DoS).
- tiff
  https://gitlab.com/libtiff/libtiff/-/work_items/824
  https://gitlab.com/libtiff/libtiff/-/merge_requests/873
  https://gitlab.com/libtiff/libtiff/-/commit/ba2b04b114c5dd945107ccc613cedfcca3af73bb (v4.7.2rc2)
  https://gitlab.com/libtiff/libtiff/-/commit/51fa6dfe93f20da0d38f079fbc61c7c960bcbc16 (v4.7.2rc2)
  https://gitlab.com/libtiff/libtiff/-/work_items/828
  https://gitlab.com/libtiff/libtiff/-/merge_requests/883
  https://gitlab.com/libtiff/libtiff/-/commit/f9bda11bf2fc819b971517582666d56f18b1bc3f (v4.7.2rc2)
  https://gitlab.com/libtiff/libtiff/-/commit/90601d9a23382d98f3695ec14441145c37a77574 (v4.7.2rc2)
Common Weakness Enumeration (CWE)