PT-2024-29285 · Unknown · Imagesharp

Erik-White

Published

2024-07-22

Updated

2024-09-11

CVE-2024-41131

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions ImageSharp versions prior to 2.1.9 ImageSharp versions prior to 3.1.5

Description An Out-of-bounds Write issue has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service.

Recommendations For versions prior to 2.1.9, upgrade to v2.1.9. For versions prior to 3.1.5, upgrade to v3.1.5.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2024-41131

GHSA-63P8-C4WW-9CG7

Affected Products

Imagesharp

PT-2024-29285 · Unknown · Imagesharp

CVE-2024-41131

Weakness Enumeration

Related Identifiers

Affected Products

References · 12