CVE-2023-29407

Name of the Vulnerable Software and Affected Versions Golang (affected versions not specified)

Description The issue is related to excessive CPU consumption during decoding. A maliciously-crafted image, specifically a tiled image with a height of 0 and a very large width, can cause this excessive consumption. This can happen despite the image size appearing to be zero, as the width and height calculation (width * height) would result in zero. This could allow a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.