Vulnerabilities > Golang > Image > 0.4.0

DATE CVE VULNERABILITY TITLE RISK
2023-08-02 CVE-2023-29407 Excessive Iteration vulnerability in multiple products
A maliciously-crafted image can cause excessive CPU consumption in decoding.
network
low complexity
golang fedoraproject CWE-834
6.5
2023-08-02 CVE-2023-29408 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The TIFF decoder does not place a limit on the size of compressed tile data.
network
low complexity
golang fedoraproject CWE-770
6.5
2023-02-28 CVE-2022-41727 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig.
local
low complexity
golang fedoraproject CWE-770
5.5