EPSS
Percentile
39.5%
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
bugzilla.redhat.com/show_bug.cgi?id=1475390