Vulnerability Report: GO-2023-1990
- CVE-2023-29407, GHSA-j3p8-6mrq-6g7h
- Affects: golang.org/x/image
- Published: Aug 02, 2023
- Modified: May 20, 2024
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.
Affected Packages
-
PathGo VersionsSymbols
-
before v0.10.0
Aliases
References
Credits
- Philippe Antoine (Catena cyber)
Feedback
See anything missing or incorrect?
Suggest an edit to this report.