Vulnerability in Golang.org/x/image Golang.org/x/image/tiff
CVE-2026-46602
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.
Affected products
- Golang.org/x/image Golang.org/x/image/tiff — versions 0