EPSS
Percentile
92.8%
libtiff.so is vulnerable to invalid write attacks. The vulnerability exists in the TIFFReadDirectory function of libtiff/tif_dirread.c where field data for extension tags can be written to invalid memory locations.
TIFFReadDirectory
libtiff/tif_dirread.c
bugzilla.suse.com/show_bug.cgi?id=960341
github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06