A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.

Affected Packages

Go golang.org/x/image

Affected versions: 0 (fixed in 0.10.0)

Related CVEs

CVE-2023-29407

Key Information

GHSA ID

GHSA-j3p8-6mrq-6g7h

Published

August 2, 2023 9:30 PM

Last Modified

May 20, 2024 9:54 PM

CVSS Score

5.0 /10

Primary Ecosystem

Primary Package

golang.org/x/image

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 19, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.