CVE-2026-46604
- EPSS 0.35%
- Veröffentlicht 26.06.2026 20:22:46
- Zuletzt bearbeitet 01.07.2026 14:07:56
The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset.
CVE-2026-46602
- EPSS 0.34%
- Veröffentlicht 25.06.2026 19:47:21
- Zuletzt bearbeitet 26.06.2026 17:16:33
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.
CVE-2026-46599
- EPSS 0.35%
- Veröffentlicht 29.05.2026 19:35:33
- Zuletzt bearbeitet 01.06.2026 18:16:02
The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded size) to make the decoder decode large amounts of co...
CVE-2026-33809
- EPSS 0.33%
- Veröffentlicht 25.03.2026 18:24:04
- Zuletzt bearbeitet 21.04.2026 16:30:41
A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error.
CVE-2022-41727
- EPSS 0.31%
- Veröffentlicht 28.02.2023 18:15:10
- Zuletzt bearbeitet 21.11.2024 07:23:44
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.