GoLang Image
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in GoLang Image.
By the Year
In 2025 there have been 0 vulnerabilities in GoLang Image. Image did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 3 | 6.17 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Image vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent GoLang Image Security Vulnerabilities
The TIFF decoder does not place a limit on the size of compressed tile data
CVE-2023-29408
6.5 - Medium
- August 02, 2023
The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU.
Allocation of Resources Without Limits or Throttling
A maliciously-crafted image can cause excessive CPU consumption in decoding
CVE-2023-29407
6.5 - Medium
- August 02, 2023
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.
Excessive Iteration
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig
CVE-2022-41727
5.5 - Medium
- February 28, 2023
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.
Allocation of Resources Without Limits or Throttling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle or by GoLang? Click the Watch button to subscribe.
