CVE-2026-29112 in DiceBear
Summary
by MITRE • 03/18/2026
DiceBear is an avatar library for designers and developers. Prior to version 9.4.0, the `ensureSize()` function in `@dicebear/converter` read the `width` and `height` attributes from the input SVG to determine the output canvas size for rasterization (PNG, JPEG, WebP, AVIF). An attacker who can supply a crafted SVG with extremely large dimensions (e.g. `width="999999999"`) could force the server to allocate excessive memory, leading to denial of service. This primarily affects server-side applications that pass untrusted or user-supplied SVGs to the converter's `toPng()`, `toJpeg()`, `toWebp()`, or `toAvif()` functions. Applications that only convert self-generated DiceBear avatars are not practically exploitable, but are still recommended to upgrade. This is fixed in version 9.4.0. The `ensureSize()` function no longer reads SVG attributes to determine output size. Instead, a new `size` option (default: 512, max: 2048) controls the output dimensions. Invalid values (NaN, negative, zero, Infinity) fall back to the default. If upgrading is not immediately possible, validate and sanitize the `width` and `height` attributes of any untrusted SVG input before passing it to the converter.
Analysis
by VulDB Data Team • 03/22/2026
The vulnerability identified as CVE-2026-29112 affects the DiceBear avatar library, specifically the `@dicebear/converter` package prior to version 9.4.0. The issue stems from how the library derives rasterization dimensions from SVG input, creating a denial of service condition that can be triggered with crafted input. It sits at the intersection of input validation and resource management: untrusted SVG content can dictate memory allocation within server-side applications.
The flaw lies in the `ensureSize()` function, which previously read the `width` and `height` attributes directly from the input SVG to determine the canvas dimensions for the output raster formats (PNG, JPEG, WebP, and AVIF). When an attacker supplies an SVG with extremely large dimension values such as `width="999999999"`, the converter allocates memory proportional to those inflated dimensions, exhausting resources and potentially making the service unavailable. This is a classic denial of service vector in which malformed input drives uncontrolled resource consumption.
The operational impact falls primarily on server-side applications that pass untrusted or user-supplied SVG content to the converter functions. Applications that only convert self-generated DiceBear avatars are not practically exploitable, since those avatars are produced with controlled dimensions; nevertheless, all affected systems should upgrade. The vulnerability reflects a gap in input sanitization and resource boundary enforcement: the library performed no bounds checking on dimension attributes before allocating memory for rasterization. The flaw is classified under CWE-122 (Heap-based Buffer Overflow) and CWE-400 (Uncontrolled Resource Consumption), covering both the memory management and resource exhaustion aspects.
The fix in version 9.4.0 removes the reliance on SVG attribute values for output dimensions entirely. Instead, a new `size` option (default 512, maximum 2048 pixels) controls the output canvas dimensions, so resource allocation is bounded explicitly rather than dictated by external input. Invalid values such as NaN, negative numbers, zero, and Infinity fall back to the default, closing the exploitation vector. Organizations unable to upgrade immediately should validate and sanitize the `width` and `height` attributes of untrusted SVG content before processing it; this mitigation is mapped to ATT&CK techniques T1059.007 (Command and Scripting Interpreter: JavaScript) and T1499.004 (Resource Hijacking: Cloud Compute), as it prevents malicious input from causing resource exhaustion. The remediation illustrates sound secure coding practice: input validation, explicit resource limits, and defensive programming that prevent similar issues in future implementations.
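The following is an added illustration, not DiceBear's own code, of the two behaviours described in the summary and the analysis above: the post-fix size resolution (default 512, max 2048, invalid values falling back to the default) and the pre-upgrade check that rejects untrusted SVGs with oversized root `width`/`height` attributes before they reach `toPng()`/`toJpeg()`/`toWebp()`/`toAvif()`. It assumes that values above the cap are clamped to the cap and that only unitless or `px` attribute values are accepted; both are assumptions, not documented library behaviour.

```javascript
// Added example (not @dicebear/converter's code). Assumptions: sizes above the
// cap are clamped to it; only unitless/px width and height values are accepted.
const DEFAULT_SIZE = 512;
const MAX_SIZE = 2048;

// Post-fix behaviour: the output size comes from an explicit option, never
// from the SVG. NaN, negative, zero and Infinity fall back to the default;
// anything above the maximum is clamped (assumed).
function resolveOutputSize(size) {
  if (typeof size !== "number" || !Number.isFinite(size) || size <= 0) {
    return DEFAULT_SIZE;
  }
  return Math.min(Math.floor(size), MAX_SIZE);
}

// Read a numeric width/height attribute from the root <svg> element only.
// Percentages, units other than px, and missing attributes yield null.
function readRootDimension(svg, attr) {
  const root = svg.match(/<svg\b[^>]*>/i);
  if (!root) return null;
  const re = new RegExp(
    "\\s" + attr + "\\s*=\\s*[\"']\\s*(\\d+(?:\\.\\d+)?)\\s*(?:px)?\\s*[\"']",
    "i"
  );
  const m = root[0].match(re);
  return m ? Number(m[1]) : null;
}

// Pre-upgrade mitigation: accept an untrusted SVG for conversion only when
// both root dimensions are present, positive and within the limit. Anything
// unparseable is treated as unsafe rather than guessed at.
function isSafeSvgSize(svg, max = MAX_SIZE) {
  const w = readRootDimension(svg, "width");
  const h = readRootDimension(svg, "height");
  if (w === null || h === null) return false;
  return w > 0 && h > 0 && w <= max && h <= max;
}

// Constructed sample inputs for demonstration.
const benignSvg =
  '<svg xmlns="http://www.w3.org/2000/svg" width="256" height="256"><circle r="10"/></svg>';
const hostileSvg =
  '<svg xmlns="http://www.w3.org/2000/svg" width="999999999" height="999999999"></svg>';

console.log(resolveOutputSize(999999999)); // prints 2048 (clamped, not 999999999)
console.log(isSafeSvgSize(benignSvg), isSafeSvgSize(hostileSvg)); // prints true false
```

Rejected inputs should be logged with the offending attribute values, since a burst of oversized-dimension SVGs is a useful detection signal for a resource exhaustion attempt against the conversion endpoint.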