EUVD-2024-2407

Malicious code in bioql PyPI...

EUVD-2025-23196

Malicious code in bioql PyPI...

EUVD-2024-1203

Malicious code in bioql PyPI...

EUVD-2024-0840

Malicious code in bioql PyPI...

CVE-2025-54575

ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block with a missing block terminator can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. Th...

CVE-2025-54575 ImageSharp Triggers an Infinite Loop in its GIF Decoder When Skipping Malformed Comment Extension Blocks

ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block with a missing block terminator can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. Th...

CVE-2025-54575

CVE-2025-54575 affects SixLabors.ImageSharp (GIF decoding path). Versions before 2.1.11 and 3.0.0–3.1.10 are vulnerable to an infinite loop when processing specially crafted GIF files with a malformed comment extension block and missing terminator, leading to DoS. A fix is available in ImageSharp...

GHSA-RXMQ-M78W-7WMC SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks

Impact A specially crafted GIF file containing a malformed comment extension block with a missing block terminator can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input shou...

PT-2025-31440 · Sixlabors · Imagesharp

Name of the Vulnerable Software and Affected Versions: ImageSharp versions prior to 2.1.11 ImageSharp versions 3.0.0 through 3.1.10 Description: ImageSharp is a 2D graphics library susceptible to a denial of service. A specially crafted GIF file containing a malformed comment extension block,...

CVE-2024-32036

ImageSharp is a 2D graphics API. A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file to a software using ImageSharp, potentially disclosing sensitive information from other parts of...

Out-of-bounds Write

ImageSharp is vulnerable to an Out-of-Bounds Write. The vulnerability is due to improper memory handling due to an issue in the GIF decoder, allowing attackers to craft a malicious GIF that causes a crash, potentially leading to a denial of service...

CVE-2025-27598

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to...

CVE-2025-27598

CVE-2025-27598 affects SixLabors.ImageSharp, specifically the GIF decoder, where an out-of-bounds write can cause a crash and potential denial of service. The issue stems from improper handling in GIF decoding. Remediation is to upgrade ImageSharp to v3.1.7 or v2.1.10 (or higher). Multiple source...

CVE-2025-27598 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to...

CVE-2024-27929

ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potential...

CVE-2024-27929

SixLabors.ImageSharp is affected by a heap-use-after-free in InitializeImage() within PngDecoderCore.cs when processing specially crafted PNG files, potentially leading to information disclosure. The issue affects ImageSharp versions prior to 3.1.3 and 2.1.7. Remediation in the public CVE context...

CVE-2024-27929 Use After Free in SixLabors.ImageSharp

ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potential...

ImageSharp Security Vulnerability

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API from ImageSharp, Inc. A security vulnerability exists in ImageSharp versions prior to v3.1.3, which stems from a post-release reuse vulnerability in ImageSharp's InitializeImage function in the PngDecoderCore.cs fil...