VDB

DEBIAN-CVE-2026-33809

DEBIAN-CVE-2026-33809 PUBLISHED CVSS 5.300000190734863 MEDIUM

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error.

Risk Scores

CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersions
Debian:12golang-golang-x-image0.7.0-1, 0.9.0-1, 0.8.0-1
Debian:11golang-golang-x-image0.9.0-1, 0.0, 0.0
Debian:13golang-golang-x-image0.39.0-1, 0.38.0-1, 0.35.0-1
Debian:14golang-golang-x-image0.35.0-1, 0.32.0-1, 0.18.0-1

Timeline

  • Mar 25, 2026 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›