EPSS
Percentile
91.0%
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a packed TIFF file to the putcontig8bitCIELab function in tif_getimage.c to cause an out-of-bounds read that can crash the application.
putcontig8bitCIELab
tif_getimage.c
bugzilla.redhat.com/show_bug.cgi?id=1294427
github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55