Libtiff library is affected by three vulnerabilities but unfortunately one of them, tracked as CVE-2016-8331, is still unpatched. The vulnerabilities affect the latest version 4.0.6, released in September. The bugs could be exploited by hackers to hack a system by using booby-trapped images. The vulnerability was reported by Mathias Svensson, of Googles Security Team, while the researcher Evan Rouault of SpatialSys published a fix on GitHub.”]
Source: https://securityaffairs.co/wordpress/52768/hacking/libtiff-flaws.html