CVE-2024-41132

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-41132
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41132.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-41132
Aliases
Published
2024-07-22T15:15:04Z
Modified
2024-10-12T11:27:58.143404Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. All users are advised to upgrade to v3.1.5 or v2.1.9.

References

Affected packages

Git / github.com/sixlabors/imagesharp

Affected ranges

Type
GIT
Repo
https://github.com/sixlabors/imagesharp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Fixed

Affected versions

v1.*

v1.0.3

v2.*

v2.0.0
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8

v3.*

v3.0.0
v3.0.1
v3.1.0
v3.1.1
v3.1.2
v3.1.3
v3.1.4