CVE-2020-21677

Name of the Vulnerable Software and Affected Versions Libsixel version 1.8.4

Description A heap-based buffer overflow in the sixel encoder output without macro function in encoder.c of Libsixel allows attackers to cause a denial of service (DOS) via converting a crafted PNG file into Sixel format.

Recommendations For Libsixel version 1.8.4, consider disabling the sixel encoder output without macro function until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.