CVE-2026-46602

Vulnerability Description

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.

Vulnerability Details

Published Date

June 25, 2026

Last Modified

June 25, 2026

Source

NVD

Vendor

golang.org/x/image

Product

golang.org/x/image/tiff

External References

https://go.dev/cl/788422
https://go.dev/issue/79905
https://pkg.go.dev/vuln/GO-2026-5062

CVE-2026-46602

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment