An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.
{ "nvd_published_at": "2023-02-28T18:15:00Z", "cwe_ids": [ "CWE-400", "CWE-770" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-02-17T13:59:44Z" }