CVE-2022-41727 — CVSS 5.5 (medium): An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead…
CVE-2026-33809 — CVSS 5.3 (medium): A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource…