{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33812", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2026-03-23T20:35:32.814Z", "datePublished": "2026-04-21T19:21:28.556Z", "dateUpdated": "2026-04-21T20:43:11.915Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-04-21T19:21:28.556Z"}, "title": "Excessive memory allocation when decoding malicious SFNT in golang.org/x/image", "descriptions": [{"lang": "en", "value": "Parsing a malicious font file can cause excessive memory allocation."}], "affected": [{"vendor": "golang.org/x/image", "product": "golang.org/x/image/font/sfnt", "collectionURL": "https://pkg.go.dev", "packageName": "golang.org/x/image/font/sfnt", "versions": [{"version": "0", "lessThan": "0.39.0", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "source.view"}, {"name": "Collection.Font"}, {"name": "Font.GlyphAdvance"}, {"name": "Font.GlyphBounds"}, {"name": "Font.GlyphIndex"}, {"name": "Font.GlyphName"}, {"name": "Font.Kern"}, {"name": "Font.LoadGlyph"}, {"name": "Font.Name"}, {"name": "Font.WriteSourceTo"}, {"name": "Parse"}, {"name": "ParseCollection"}, {"name": "ParseCollectionReaderAt"}, {"name": "ParseReaderAt"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-789: Memory Allocation with Excessive Size Value"}]}], "references": [{"url": "https://go.dev/cl/761180"}, {"url": "https://go.dev/issue/78382"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4962"}], "credits": [{"lang": "en", "value": "Andy Gill, ZephrSec Ltd"}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-21T20:43:08.370574Z", "id": "CVE-2026-33812", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T20:43:11.915Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-33812", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-21T20:43:08.370574Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T20:43:03.869Z"}}], "cna": {"title": "Excessive memory allocation when decoding malicious SFNT in golang.org/x/image", "credits": [{"lang": "en", "value": "Andy Gill, ZephrSec Ltd"}], "affected": [{"vendor": "golang.org/x/image", "product": "golang.org/x/image/font/sfnt", "versions": [{"status": "affected", "version": "0", "lessThan": "0.39.0", "versionType": "semver"}], "packageName": "golang.org/x/image/font/sfnt", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "source.view"}, {"name": "Collection.Font"}, {"name": "Font.GlyphAdvance"}, {"name": "Font.GlyphBounds"}, {"name": "Font.GlyphIndex"}, {"name": "Font.GlyphName"}, {"name": "Font.Kern"}, {"name": "Font.LoadGlyph"}, {"name": "Font.Name"}, {"name": "Font.WriteSourceTo"}, {"name": "Parse"}, {"name": "ParseCollection"}, {"name": "ParseCollectionReaderAt"}, {"name": "ParseReaderAt"}]}], "references": [{"url": "https://go.dev/cl/761180"}, {"url": "https://go.dev/issue/78382"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4962"}], "descriptions": [{"lang": "en", "value": "Parsing a malicious font file can cause excessive memory allocation."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-789: Memory Allocation with Excessive Size Value"}]}], "providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-04-21T19:21:28.556Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33812", "state": "PUBLISHED", "dateUpdated": "2026-04-21T20:43:11.915Z", "dateReserved": "2026-03-23T20:35:32.814Z", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "datePublished": "2026-04-21T19:21:28.556Z", "assignerShortName": "Go"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:image:*:*:*:*:*:go:*:*", "matchCriteriaId": "C0501D26-73D5-4E11-80EE-77576FB64671", "versionEndExcluding": "0.39.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Parsing a malicious font file can cause excessive memory allocation."}], "id": "CVE-2026-33812", "lastModified": "2026-05-13T20:03:32.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-21T20:16:56.290", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://go.dev/cl/761180"}, {"source": "[email protected]", "tags": ["Issue Tracking"], "url": "https://go.dev/issue/78382"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://pkg.go.dev/vuln/GO-2026-4962"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "golang.org/x/image: golang: golang.org/x/image: Denial of Service due to excessive memory allocation when parsing malicious font files", "id": "2460227", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460227"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-770", "details": ["A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted font file. Parsing this malicious file can lead to excessive memory allocation, which may result in a Denial of Service (DoS) for the affected system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-33812", "package_state": [{"cpe": "cpe:/a:redhat:cryostat:4", "fix_state": "Fix deferred", "package_name": "cryostat/cryostat-storage-rhel9", "product_name": "Cryostat 4"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/cluster-logging-rhel9-operator", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Fix deferred", "package_name": "multicluster-globalhub/multicluster-globalhub-grafana-rhel9", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-plugin-event-sender-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-rhel8-operator", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Fix deferred", "package_name": "rhacm2/acm-grafana-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Fix deferred", "package_name": "rhacm2/volsync-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform/platform-operator-bundle", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "golang", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "go-toolset:rhel8/golang", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "golang", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "golang", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Fix deferred", "package_name": "golang1.25", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Fix deferred", "package_name": "golang1.26", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Fix deferred", "package_name": "hugo", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-model-registry-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-tests-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "package_name": "openshift-gitops-1/argocd-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "package_name": "openshift-gitops-1/argocd-rhel9", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Fix deferred", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Fix deferred", "package_name": "rhoso-operators/openstack-operator-bundle", "product_name": "Red Hat OpenStack Platform 18.0"}], "public_date": "2026-04-21T19:21:28Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-33812\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-33812\nhttps://go.dev/cl/761180\nhttps://go.dev/issue/78382\nhttps://pkg.go.dev/vuln/GO-2026-4962"], "statement": "This has been rated as Moderate impact. The golang.org/x/image package is vulnerable to a denial of service when processing a specially crafted font file. An attacker could exploit this by convincing a user to open a malicious font file, leading to excessive memory allocation and potential system unavailability. This vulnerability requires user interaction, limiting its immediate impact on typical Red Hat deployments.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.39.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "golang.org/x/image/font/sfnt", "source": "cna", "vendor": "golang.org/x/image"}, "product": "image", "vendor": "golang"}], "created": "2026-04-22T05:30:09.560673+00:00", "updated": "2026-05-02T14:00:06.485596+00:00", "vendors": ["golang", "golang$PRODUCT$image"]}