diff --git a/lib/Service/ImageResizer.php b/lib/Service/ImageResizer.php
index b92f67b31..49f9a0ea2 100644
--- a/lib/Service/ImageResizer.php
+++ b/lib/Service/ImageResizer.php
@@ -14,14 +14,28 @@ class ImageResizer {
 public const RESIZE_MAX_X = 256;
 public const RESIZE_MAX_Y = 256;
+ public const MAX_INPUT_BYTES = 5 * 1024 * 1024;
+ public const MAX_INPUT_PIXELS = 4096 * 4096;
 /**
 * @param string $socialData
 * @return null|string
 */
 public function resizeImage(string $socialData) {
- $image = new Image();
+ if ($socialData === '' || strlen($socialData) > self::MAX_INPUT_BYTES) {
+ return null;
+ }
+
+ $size = @getimagesizefromstring($socialData);
+ if ($size === false || !isset($size[0], $size[1])) {
+ return null;
+ }
+ if ($size[0] <= 0 || $size[1] <= 0 || ($size[0] * $size[1]) > self::MAX_INPUT_PIXELS) {
+ return null;
+ }
+
+ $image = new Image();
 $image->loadFromData($socialData);
 if ($image->valid()) {