VDB
CISA-2022-41727
CISA-2022-41727
PUBLISHED
Reported by Go · Published February 28, 2023
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| golang.org/x/image | golang.org/x/image/tiff | 0 |
| golang.org/x/image | golang.org/x/image/tiff | 0, 0 |
Timeline
- Feb 28, 2023 CVE Published
- Mar 7, 2025 CVE Updated