Name of the Vulnerable Software and Affected Versions:

ImageSharp versions prior to 2.1.11

ImageSharp versions 3.0.0 through 3.1.10

Description:

ImageSharp is a 2D graphics library susceptible to a denial of service. A specially crafted GIF file containing a malformed comment extension block, specifically missing a block terminator, can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This issue affects applications processing untrusted GIF input.

Recommendations:

Upgrade to version 2.1.11 or later.

Upgrade to version 3.1.11 or later.