EPSS
Percentile
77.9%
libtiff.so is vulnerable to denial of service(DoS) attacks. The LZW encoding in tif_lzw.c allows to input a malicious bmp image with parameter: -c lzw, leading to an out-of-bounds read.
tif_lzw.c
-c lzw
bugzilla.suse.com/show_bug.cgi?id=974448
github.com/vadz/libtiff/commit/a9f629773064a5aecd1f772ac938eeeec002cd4a