📦

image

Vendor: golang

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 6 Total Indexed

Avg. EPSS 0.16% Exploit Prob.

Latest CVE CVE-2026-33813 Apr 21

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.

EPSS: 0.07%

Severity: HIGH

Apr 21, 2026

6.1 CVSS

CVE-2026-33812

Parsing a malicious font file can cause excessive memory allocation.

EPSS: 0.01%

Severity: MEDIUM

Apr 21, 2026

6.5 CVSS

CVE-2023-29408

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU.

EPSS: 0.46%

Severity: MEDIUM

Aug 02, 2023

6.5 CVSS

CVE-2023-29407

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero.

EPSS: 0.26%

Severity: MEDIUM

Aug 02, 2023

5.5 CVSS

CVE-2022-41727

RCE

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.

EPSS: 0.02%

Severity: MEDIUM

Feb 28, 2023

Displaying 5 of 6 Total Entries

Total 1 Sections