11 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-33813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing a WEBP image with an invalid, large size panics on 32-bit platforms. CVE-2026-33813 Note that Nessus relies on the presence of the package as reported b...
CVE-2026-33813
Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...
UBUNTU-CVE-2026-33813
Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...
CVE-2026-33813
Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from Google, Inc. of the United States. There is a security vulnerability in Google Go, which stems from the webp parsing function in golang.org/x/image, which may cause 32-bit platfo...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the bufferedReader function in io.go, when parsing PNG and WebP files. An attacker can cause denial of service by sending malicious images that trigger large memory allocations...
GO-2025-3599 bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing in github.com/bep/imagemeta
bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing in github.com/bep/imagemeta...
GHSA-FMHH-RW3H-785M bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing
Impact The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably high for image metadata. Before v0.11.0, If you didn't trust the input images, this could be abused to...
CVE-2025-32025 bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing
bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...
CVE-2025-32025
The CVE affects the Go library bep/imagemeta used for reading EXIF/IPTC/XMP metadata from JPEG, TIFF, PNG, and WebP. Before v0.11.0, the PNG/WebP metadata parsing allocated buffers unbounded by input type, enabling potentially large memory usage and DoS if provided images aren’t trusted. v0.11.0 ...
CVE-2025-32025 bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing
bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...