Image
This hub aggregates every CVE we track for Image, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM5HIGH1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Image.
- CVE-2026-33812Excessive memory allocation when decoding malicious SFNT in golang.org/x/image6.1
- CVE-2026-33813Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image7.5
- CVE-2023-29407Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff6.5
- CVE-2023-29408Excessive resource consumption in golang.org/x/image/tiff6.5
- CVE-2022-41727Denial of service via crafted TIFF image in golang.org/x/image/tiff5.5
- CVE-2020-35916An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable reference has immutable provenance. (In the case of LLVM, the IR may be always correct.)5.5
- CVE-2019-16138An issue was discovered in the image crate before 0.21.3 for Rust, affecting the HDR image format decoder. Vec::set_len is called on an uninitialized vector, leading to a use-after-free and arbitra...9.8
Product normalization is registry-driven with AI assist and human review. How it works