SixLabors ImageSharp Out-of-bounds Write
Package
Affected versions
< 2.1.9
>= 3.0.0, < 3.1.5
Patched versions
2.1.9
3.1.5
Description
Published by the National Vulnerability Database
Jul 22, 2024
Published to the GitHub Advisory Database
Jul 22, 2024
Reviewed
Jul 22, 2024
Last updated
Aug 1, 2024
Impact
An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service.
Patches
The problem has been patched. All users are advised to upgrade to v3.1.5 or v2.1.9.
Workarounds
None.
References
SixLabors/ImageSharp#2754
SixLabors/ImageSharp#2756
References