CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
17.1%
SixLabors.ImageSharp is vulnerable to Denial of Service (DoS). The vulnerability is caused by processing specially crafted files, which results in excessive memory usage during image decoding.
docs.sixlabors.com/articles/imagesharp.web/processingcommands.html#securing-processing-commands
docs.sixlabors.com/articles/imagesharp/security.html
github.com/advisories/GHSA-g85r-6x2q-45w7
github.com/SixLabors/ImageSharp/commit/b6b08ac3e7cea8da5ac1e90f7c0b67dd254535c3
github.com/SixLabors/ImageSharp/commit/f21d64188e59ae9464ff462056a5e29d8e618b27
github.com/SixLabors/ImageSharp/security/advisories/GHSA-g85r-6x2q-45w7