vulnerability
Arch Linux: Arbitrary code execution (CVE-2015-7554)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jan 8, 2016 | Jul 11, 2025 | Nov 27, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 8, 2016
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
An Invalid memory write flaw was found in libtiff in the way it parsed certain extension tags when reading TIFF format files. An attacker could use this flaw to crash or even execute arbitrary code with the permission of the user running such an application compiled against libtiff.
Solution
arch-linux-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.