EPSS
Percentile
32.1%
A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
bugzilla.redhat.com/show_bug.cgi?id=1656778
www.cve.org/CVERecord?id=CVE-2018-19566 https://nvd.nist.gov/vuln/detail/CVE-2018-19566