Uncontrolled memory allocation via crafted SVG dimensions in @dicebear/converter
The ensureSize() function in @dicebear/converter (versions < 9.4.0) read the width and height attributes from the input SVG to determine the output canvas size for rasterization (PNG, JPEG, WebP, AVIF). An attacker who can supply a crafted SVG with extremely large dimensions (e.g. width="999999999") could force the server to allocate excessive memory, leading to denial of service. This primarily affects server-side applications that pass untrusted or user-supplied SVGs to the …