We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-41131

Out-of-bounds Write in SixLabors ImageSharp



AssignerGitHub_M
Reserved2024-07-15
Published2024-07-22
Updated2024-08-02

Description

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9.



HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-787: Out-of-bounds Write

Product status

< 2.1.9
affected

>= 3.0.0, < 3.1.5
affected

References

https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-63p8-c4ww-9cg7

https://github.com/SixLabors/ImageSharp/pull/2754

https://github.com/SixLabors/ImageSharp/pull/2756

https://github.com/SixLabors/ImageSharp/commit/9dda64a8186af67baf06b6d9c1ab599c3608b693

https://github.com/SixLabors/ImageSharp/commit/a1f287977139109a987065643b8172c748abdadb

cve.org CVE-2024-41131

nvd.nist.gov CVE-2024-41131

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.

© Copyright 2024 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.