CVE-2023-29407

Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff

Description

A maliciously-crafted image can cause excessive CPU consumption in decoding.

A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

Publish Date

August 2, 2023

Modified Date

May 20, 2024

Score Vector

Affected Versions