CVE-2026-33809

Published: Mar 25, 2026

Modified: Apr 6, 2026

PUBLISHED

Description

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error.

Vendor	Product	Versions
golang.org/x/image	golang.org/x/image/tiff	affected `0 - < 0.38.0`

References

https://go.dev/cl/757660

https://go.dev/issue/78267

https://pkg.go.dev/vuln/GO-2026-4815

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-33809

Description

Affected Products

References