CVE-2026-29112 Overview
CVE-2026-29112 is a Denial of Service vulnerability in DiceBear, an avatar library for designers and developers. Prior to version 9.4.0, the ensureSize() function in @dicebear/converter read the width and height attributes from the input SVG to determine the output canvas size for rasterization (PNG, JPEG, WebP, AVIF). An attacker who can supply a crafted SVG with extremely large dimensions (e.g., width="999999999") could force the server to allocate excessive memory, leading to denial of service.
This vulnerability primarily affects server-side applications that pass untrusted or user-supplied SVGs to the converter's toPng(), toJpeg(), toWebp(), or toAvif() functions. Applications that only convert self-generated DiceBear avatars are not practically exploitable, but are still recommended to upgrade.
Critical Impact
Server-side applications processing untrusted SVG input are vulnerable to memory exhaustion attacks, potentially causing complete service disruption through resource exhaustion.
Affected Products
- DiceBear @dicebear/converter versions prior to 9.4.0
Discovery Timeline
- 2026-03-18 - CVE-2026-29112 published to NVD
- 2026-03-18 - Last updated in NVD database
Technical Details for CVE-2026-29112
Vulnerability Analysis
This vulnerability falls under CWE-770 (Allocation of Resources Without Limits or Throttling). The core issue resides in the ensureSize() function within the @dicebear/converter package. When processing SVG files for rasterization, the function trusted user-supplied width and height attributes without any bounds checking or sanitization.
When an attacker submits an SVG with maliciously large dimension values such as width="999999999", the converter attempts to allocate a canvas buffer proportional to these dimensions. For image formats like PNG, JPEG, WebP, and AVIF, this translates to allocating width × height × bytes-per-pixel of memory. With dimensions in the billions, this memory allocation can quickly exhaust available server resources, leading to application crashes or system-wide resource starvation.
Root Cause
The ensureSize() function directly consumed SVG attribute values to determine output canvas dimensions without implementing any validation, maximum bounds, or sanitization. The function assumed all input SVGs would contain reasonable dimension values, which is a dangerous assumption when processing untrusted input. This allowed arbitrary memory allocation controlled entirely by external input.
Attack Vector
The attack is network-accessible and requires no authentication or user interaction. An attacker can exploit this vulnerability by submitting a specially crafted SVG to any endpoint that processes user-supplied SVG files through the DiceBear converter. The attack payload is trivial to construct—simply including oversized dimension attributes in an otherwise valid SVG triggers the resource exhaustion condition.
// Patched code in packages/@dicebear/converter/src/core.ts
// Source: https://github.com/dicebear/dicebear/commit/42a59eac46a3c68598859e608ec45e578b27614a
ToPng,
ToWebp,
ToAvif,
+ Options,
} from './types.js';
import { getMimeType } from './utils/mime-type.js';
import { ensureSize } from './utils/svg.js';
-export const toPng: ToPng = (avatar: Avatar) => {
- return toFormat(avatar, 'png');
+export const toPng: ToPng = (avatar: Avatar, options: Options = {}) => {
+ return toFormat(avatar, 'png', options);
};
-export const toJpeg: ToJpeg = (avatar: Avatar) => {
- return toFormat(avatar, 'jpeg');
+export const toJpeg: ToJpeg = (avatar: Avatar, options: Options = {}) => {
+ return toFormat(avatar, 'jpeg', options);
};
-export const toWebp: ToWebp = (avatar: Avatar) => {
- return toFormat(avatar, 'webp');
+export const toWebp: ToWebp = (avatar: Avatar, options: Options = {}) => {
+ return toFormat(avatar, 'webp', options);
};
-export const toAvif: ToAvif = (avatar: Avatar) => {
- return toFormat(avatar, 'avif');
+export const toAvif: ToAvif = (avatar: Avatar, options: Options = {}) => {
+ return toFormat(avatar, 'avif', options);
The patch introduces an Options parameter with a controlled size option, removing the reliance on untrusted SVG attributes:
// Patched ensureSize call in packages/@dicebear/converter/src/node/core.ts
// Source: https://github.com/dicebear/dicebear/commit/42a59eac46a3c68598859e608ec45e578b27614a
): Promise<Buffer> {
const hasFonts = Array.isArray(options.fonts);
- const { svg } = ensureSize(rawSvg);
+ const { svg } = ensureSize(rawSvg, options.size);
let buffer = (
await renderAsync(svg, {
Detection Methods for CVE-2026-29112
Indicators of Compromise
- Unusual memory consumption spikes on servers running DiceBear converter
- Application crashes or out-of-memory errors correlated with SVG processing requests
- HTTP requests containing SVG payloads with abnormally large dimension attributes
- Server performance degradation during avatar generation operations
Detection Strategies
- Monitor Node.js process memory usage for sudden allocation spikes exceeding normal thresholds
- Implement request logging to capture SVG payloads for forensic analysis
- Deploy WAF rules to inspect incoming SVG content for oversized dimension attributes
- Set up alerting on application container restarts or OOM killer events
Monitoring Recommendations
- Configure memory usage alerts for services utilizing @dicebear/converter
- Implement request rate limiting on avatar generation endpoints
- Monitor for patterns of repeated requests that cause memory allocation failures
- Track package versions in dependency manifests to identify vulnerable deployments
How to Mitigate CVE-2026-29112
Immediate Actions Required
- Upgrade @dicebear/converter to version 9.4.0 or later immediately
- Audit application code for any usage of toPng(), toJpeg(), toWebp(), or toAvif() functions with untrusted input
- Implement input validation on SVG uploads before processing
- Consider rate limiting avatar generation endpoints as an additional defense layer
Patch Information
The vulnerability is fixed in DiceBear version 9.4.0. The ensureSize() function no longer reads SVG attributes to determine output size. Instead, a new size option (default: 512, max: 2048) controls the output dimensions. Invalid values (NaN, negative, zero, Infinity) automatically fall back to the default safe value.
For detailed patch information, see the GitHub Security Advisory GHSA-v3r3-4qgc-vw66 and the commit 42a59eac46a3c68598859e608ec45e578b27614a.
Workarounds
- If upgrading is not immediately possible, validate and sanitize the width and height attributes of any untrusted SVG input before passing it to the converter
- Implement SVG parsing middleware that rejects or rewrites dimension attributes exceeding reasonable bounds (e.g., 2048 pixels)
- Deploy memory limits on Node.js processes using --max-old-space-size to prevent system-wide resource exhaustion
- Consider isolating avatar generation in containerized environments with strict resource constraints
# Configuration example - Set Node.js memory limits
node --max-old-space-size=512 app.js
# npm upgrade to patched version
npm install @dicebear/converter@9.4.0
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
