Github.Com Bep Imagemeta vulnerabilities
2 known vulnerabilities affecting github.com/bep_imagemeta.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-32025P4MEDIUM≥ 0, < 0.11.02025-04-09
CVE-2025-32025 [MEDIUM] CWE-770 bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing
bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing
### Impact
The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably high for image metadata. Before `v0.11.0`, If you didn't trust the input images, this could be abused to con
ghsaosv
CVE-2025-32024P4MEDIUM≥ 0, < 0.10.02025-04-09
CVE-2025-32024 [MEDIUM] CWE-770 bep/imagemeta allows excessively large EXIF data structures
bep/imagemeta allows excessively large EXIF data structures
### Impact
The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before `v0.10.0`, If you didn't trust the input images, this could be abused to construct denial-of-service attacks.
### Patches
`v0.10.0` added LimitNumTags (default 5000) and LimitTagSize (default 10000) options.
ghsaosv