CVE-2025-32025

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...

SUSE CVE-2025-32025

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...

GO-2025-3598 bep/imagemeta allows excessively large EXIF data structures in github.com/bep/imagemeta

bep/imagemeta allows excessively large EXIF data structures in github.com/bep/imagemeta...

GO-2025-3599 bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing in github.com/bep/imagemeta

bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing in github.com/bep/imagemeta...

CVE-2025-32025

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...

CVE-2025-32025

The CVE affects the Go library bep/imagemeta used for reading EXIF/IPTC/XMP metadata from JPEG, TIFF, PNG, and WebP. Before v0.11.0, the PNG/WebP metadata parsing allocated buffers unbounded by input type, enabling potentially large memory usage and DoS if provided images aren’t trusted. v0.11.0 ...

CVE-2025-32024 bep/imagemeta allows excessively large EXIF data structures

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to...

CVE-2025-32024 bep/imagemeta allows excessively large EXIF data structures

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to...

CVE-2025-32024

CVE-2025-32024 affects the Go library bep/imagemeta used to read EXIF/IPTC/XMP metadata from JPEG, TIFF, PNG, and WebP files. The root cause is that EXIF data can define excessively large data structures, enabling a potential denial-of-service when untrusted images are processed prior to v0.10.0....

PT-2025-15446 · Unknown · Bep/Imagemeta

Name of the Vulnerable Software and Affected Versions: bep/imagemeta versions prior to 0.10.0 Description: The issue concerns a Go library for reading image meta data from various file formats. The EXIF data format allows for defining large data structures in small payloads, which could be abused...