9 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-29407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU...
Fedora 39 : golang-x-image (2023-28cff1a2de)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-28cff1a2de advisory. Update to 0.13.0 Security fix for CVE-2023-29408 Security fix for CVE-2023-29407 Security fix for CVE-2022-41727 Tenable has extracted the preceding...
Fedora 38 : golang-x-image (2023-4d95d44e7b)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4d95d44e7b advisory. Update to 0.13.0 Security fix for CVE-2023-29408 Security fix for CVE-2023-29407 Security fix for CVE-2022-41727 Tenable has extracted the preceding...
CVE-2023-29407
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407
CVE-2023-29407 describes a denial of service via CPU exhaustion when decoding a malicious image. The vulnerability is referenced in Fedora advisories for golang-x-image, with fixes issued (e.g., update to 0.13.0 across affected releases). Nessus/NCSC entries corroborate that Fedora packages in mu...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...