An issue exists in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote malicious users to cause a denial of service (DoS).
ffmpeg ffmpeg 4.3