EPSS
Percentile
39.5%
FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.
bugzilla.redhat.com/show_bug.cgi?id=1475393