CNNVD-202507-3815 Information
CNNVD ID
CNNVD-202507-3815
Related CVE
- CNNVD Published: 2025-07-30
Description (Chinese)
ImageSharp是Six Labors开源的一款全新的、功能齐全、管理全面、跨平台的二维图形 API。 ImageSharp 2.1.11之前版本和3.0.0至3.1.10版本存在安全漏洞,该漏洞源于处理特制GIF文件时可能进入无限循环,导致拒绝服务。
Description (English)
ImageSharp is a brand-new, fully functional, managed, and cross-platform 2D graphic API from Six Labors. Prior to ImageSharp 2.1.11 and from 3.0.0 to 3.1.10, there was a security loop, which stemmed from the possibility of an unlimited cycle of processing customized GIF documents, leading to the denial of services.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Six Labors
Published
2025-07-30
Last Modified
2026-02-24
References
https://github.com/SixLabors/ImageSharp/commit/55e49262df9a057dff9b7807ed1b7bdb49187c3f https://github.com/SixLabors/ImageSharp/commit/833f3ceec35af6b775950e06f03b934546cefbf6 https://github.com/SixLabors/ImageSharp/issues/2953 https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-rxmq-m78w-7wmc
Patch
https://github.com/SixLabors/ImageSharp/releases
Share on: