CVE-2024-7547

CVE-2024-7547 corresponds to an oFono vulnerability: a stack-based buffer overflow in the SMS PDU parser that allows a local attacker who can run code on the target modem to execute arbitrary code in the context of the service account. Root cause: insufficient validation of user-supplied data len...

oFono 安全漏洞

oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from a stack-based buffer overflow elevation of privilege vulnerability found in the SMS Decoder module...

gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization

A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization

A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...

Out-of-bounds Write

SixLabors.ImageSharp is vulnerable to an Out-of-bounds Write. The vulnerability is due to minCodeSize in the DecodePixels method within the ImageSharp gif decoder, which allows an attacker to crash the application using a specially crafted gif...

GHSA-QXRV-GP6X-RC23 SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder

Impact What kind of vulnerability is it? Who is impacted? A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files tha...

SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder

Impact What kind of vulnerability is it? Who is impacted? A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files tha...

GHSA-63P8-C4WW-9CG7 SixLabors ImageSharp Out-of-bounds Write

Impact An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. Patches The problem has been patched. All users are advised to upgrade to v3.1.5 or v2.1.9...

Out-of-Bounds Write

Overview Affected versions of this package are vulnerable to Out-of-Bounds Write in the ImageSharp gif decoder. An attacker can cause a crash by sending a specially crafted gif file. Remediation Upgrade SixLabors.ImageSharp to version 2.1.9, 3.1.5 or higher. References - GitHub Commit - GitHub...

SixLabors ImageSharp Out-of-bounds Write

Impact An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. Patches The problem has been patched. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41132 SixLabors ImageSharp Allows Excessive Memory Allocation in Gif Decoder

ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit...

CVE-2024-41132 SixLabors ImageSharp Allows Excessive Memory Allocation in Gif Decoder

ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit...

CVE-2024-41132

CVE-2024-41132 (ImageSharp) : A vulnerability in the ImageSharp Gif decoder can cause excessive memory usage when processing specially crafted GIF files. The issue is triggered during image processing and affects SixLabors.ImageSharp. Remediation is to upgrade to SixLabors.ImageSharp versions 3.1...

CVE-2024-41132 SixLabors ImageSharp Allows Excessive Memory Allocation in Gif Decoder

ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit...

CVE-2024-41131 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131

CVE-2024-41131 describes an Out-of-bounds Write vulnerability in the ImageSharp gif decoder of SixLabors.ImageSharp, allowing an attacker to crash the application via a specially crafted GIF file, with potential denial of service. Affected component: ImageSharp GIF decoding path within the 2D gra...