EPSS
Percentile
77.8%
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a tiff file to the combineSeparateSamples8bits function in tiffcrop.c, allowing a malicious user to cause an out-of-bounds read, crashing the application.
combineSeparateSamples8bits
tiffcrop.c
bugzilla.suse.com/show_bug.cgi?id=984813
github.com/vadz/libtiff/commit/2f79856097f423eb33796a15fcf700d2ea41bf31