James Jackson-South

8 exploits Active since Apr 2024
CVE-2024-41132 WRITEUP MEDIUM WRITEUP
ImageSharp < 2.1.9 - Denial of Service via Gif Decoder
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. All users are advised to upgrade to v3.1.5 or v2.1.9.
CVSS 5.3
CVE-2024-32036 WRITEUP MEDIUM WRITEUP
ImageSharp <3.1.4, <2.1.8 - Info Disclosure
ImageSharp is a 2D graphics API. A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file to a software using ImageSharp, potentially disclosing sensitive information from other parts of the software in the resulting image buffer. The problem has been patched in v3.1.4 and v2.1.8.
CVSS 5.3
CVE-2024-41131 WRITEUP HIGH WRITEUP
ImageSharp 2.1.0-2.1.8 - Out-of-bounds Write in GIF Decoder
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9.
CVSS 7.5
CVE-2024-41132 WRITEUP MEDIUM WRITEUP
ImageSharp < 2.1.9 - Denial of Service via Gif Decoder
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. All users are advised to upgrade to v3.1.5 or v2.1.9.
CVSS 5.3
CVE-2025-54575 WRITEUP MEDIUM WRITEUP
SixLabors.ImageSharp < 2.1.11 and 3.0.0-3.1.10 - Denial of Service via Malformed GIF Comment Extension Block
ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input should upgrade to a patched version. This issue is fixed in versions 2.1.11 and 3.1.11.
CVSS 5.3
CVE-2024-32036 WRITEUP MEDIUM WRITEUP
ImageSharp <3.1.4, <2.1.8 - Info Disclosure
ImageSharp is a 2D graphics API. A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file to a software using ImageSharp, potentially disclosing sensitive information from other parts of the software in the resulting image buffer. The problem has been patched in v3.1.4 and v2.1.8.
CVSS 5.3
CVE-2024-41132 WRITEUP MEDIUM WRITEUP
ImageSharp < 2.1.9 - Denial of Service via Gif Decoder
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. All users are advised to upgrade to v3.1.5 or v2.1.9.
CVSS 5.3
CVE-2025-54575 WRITEUP MEDIUM WRITEUP
SixLabors.ImageSharp < 2.1.11 and 3.0.0-3.1.10 - Denial of Service via Malformed GIF Comment Extension Block
ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input should upgrade to a patched version. This issue is fixed in versions 2.1.11 and 3.1.11.
CVSS 5.3