8 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-29408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms o...
Security update for keybase-client (moderate)
openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2024:0194-2 Rating: moderate References: 1213928 Cross-References: CVE-2023-29408 CVSS scores: CVE-2023-29408 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-29408 SUSE: 4...
Fedora 39 : golang-x-image (2023-28cff1a2de)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-28cff1a2de advisory. Update to 0.13.0. Security fix for CVE-2023-29408. Security fix for CVE-2023-29407. Security fix for CVE-2022-41727. Tenable has extracted the preceding...
Fedora 38 : golang-x-image (2023-4d95d44e7b)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4d95d44e7b advisory. Update to 0.13.0. Security fix for CVE-2023-29408. Security fix for CVE-2023-29407. Security fix for CVE-2022-41727. Tenable has extracted the preceding...
CVE-2023-29408
creationtimestamp | type | source
---|---|---
2023-08-03 00:39:37+00:00 | seen | https://t.me/cibsecurity/67621...
CVE-2023-29408
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...
CVE-2023-29408 Excessive resource consumption in golang.org/x/image/tiff
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...
CVE-2023-29408
The CVE-2023-29408 vulnerability affects the TIFF decoder in the Go image libraries (golang-x-image). The root cause is the decoder not enforcing a limit on the size of compressed tile data, allowing a malicious image to trigger excessive memory and CPU usage even for small images. Practical impa...