PT-2025-31440 · Sixlabors · Imagesharp

Whatevicanhaz · Published 2025-07-30 · Updated 2025-07-31 · CVE-2025-54575

CVSS v3.1: 5.3 Medium
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions
ImageSharp versions prior to 2.1.11
ImageSharp versions 3.0.0 through 3.1.10

Description
ImageSharp is a 2D graphics library susceptible to a denial of service. A specially crafted GIF file containing a malformed comment extension block, specifically missing a block terminator, can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This issue affects applications processing untrusted GIF input.

Recommendations
Upgrade to version 2.1.11 or later.
Upgrade to version 3.1.11 or later.
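
The failure mode in the description comes down to skipping a GIF data sub-block chain without treating end-of-input as an error. The Python code below is an added example, not ImageSharp code and not part of the original advisory: `skip_sub_blocks`, `TruncatedGifError`, `is_well_terminated` and the `max_bytes` cap are assumed names and policy, and the byte strings are constructed samples of a sub-block chain only.

```python
import io


class TruncatedGifError(ValueError):
    """A sub-block chain ended before its 0x00 block terminator."""


def skip_sub_blocks(stream, max_bytes=1 << 20):
    """Skip one GIF data sub-block chain and return the bytes consumed.

    GIF89a layout: each sub-block is a size byte (1..255) followed by that
    many data bytes; a size byte of 0x00 is the block terminator.
    max_bytes is an assumed policy cap, not a value from the GIF format.
    """
    consumed = 0
    while True:
        size = stream.read(1)
        if not size:  # EOF where a size byte was expected: fail, do not retry
            raise TruncatedGifError("missing block terminator")
        consumed += 1
        if size[0] == 0:  # block terminator ends the chain
            return consumed
        data = stream.read(size[0])
        if len(data) != size[0]:  # short read: sub-block cut off by EOF
            raise TruncatedGifError("sub-block shorter than its declared size")
        consumed += len(data)
        if consumed > max_bytes:
            raise TruncatedGifError("sub-block chain exceeds max_bytes")


def is_well_terminated(chain: bytes) -> bool:
    """True if the bytes form a complete, terminated sub-block chain."""
    try:
        skip_sub_blocks(io.BytesIO(chain))
        return True
    except TruncatedGifError:
        return False


# Constructed samples: the sub-block chain of a comment extension only.
TERMINATED = bytes([5]) + b"hello" + bytes([0])
NO_TERMINATOR = bytes([5]) + b"hello"
SHORT_BLOCK = bytes([5]) + b"hel"

if __name__ == "__main__":
    for name, chain in [("terminated", TERMINATED),
                        ("no terminator", NO_TERMINATOR),
                        ("short block", SHORT_BLOCK)]:
        print(name, is_well_terminated(chain))
```

Every exit from the loop is either the terminator or an exception, so the skip cannot spin on exhausted input; services that cannot upgrade immediately can still bound decode time per image as a separate control.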

Exploit

Fix

DoS

Resource Exhaustion

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

CVE-2025-54575
GHSA-RXMQ-M78W-7WMC

Affected Products

Imagesharp