7.5
CVE-2025-27598
- EPSS 0.53%
- Veröffentlicht 06.03.2025 23:15:12
- Zuletzt bearbeitet 24.03.2025 18:36:19
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
Out-of-bounds Write in SixLabors ImageSharp
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sixlabors ≫ Imagesharp Version < 2.1.10
Sixlabors ≫ Imagesharp Version >= 3.0.0 < 3.1.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.53% | 0.403 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| security-advisories@github.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-2cmq-823j-5qj8
https://github.com/SixLabors/ImageSharp/issues/2859
https://github.com/SixLabors/ImageSharp/pull/2890