Lucene search
K

7 matches found

Cvelist
Cvelist
added 2024/06/27 5:37 p.m.29 views

CVE-2024-24792 Panic when parsing invalid palette-color images in golang.org/x/image

Parsing a corrupt or malicious image with invalid color indices can cause a panic...

0.00731EPSS
Exploits0References3
OSV
OSV
added 2024/06/25 10:6 p.m.15 views

GO-2024-2937 Panic when parsing invalid palette-color images in golang.org/x/image

Parsing a corrupt or malicious image with invalid color indices can cause a panic...

7.5CVSS6.2AI score0.00731EPSS
Exploits1References2
Veracode
Veracode
added 2023/08/04 2:23 a.m.23 views

Denial Of Service (DoS)

golang.org/x/image is vulnerable to Denial of Service DoS. The vulnerability exists when reader.go parses a tiled tiff image with a height of 0, and has a very large width which results in excessive CPU consumption while decoding, possibly allowing an attacker to cause an application crash or...

6.5CVSS6.7AI score0.00805EPSS
Exploits0References11Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/02 7:52 p.m.23 views

CVE-2023-29408 Excessive resource consumption in golang.org/x/image/tiff

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...

6.6AI score0.0086EPSS
Exploits0References7
OSV
OSV
added 2023/08/02 3:6 p.m.29 views

GO-2023-1989 Excessive resource consumption in golang.org/x/image/tiff

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...

6.5CVSS6.3AI score0.0086EPSS
Exploits0References2
OSV
OSV
added 2023/02/17 1:59 p.m.26 views

GHSA-QGC7-MGM3-Q253 Uncontrolled Resource Consumption in golang.org/x/image

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service...

5.5CVSS5.8AI score0.00309EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2023/02/17 1:59 p.m.45 views

Uncontrolled Resource Consumption in golang.org/x/image

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service...

5.5CVSS5.6AI score0.00309EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder