CVE-2025-27598

6 Mar 2025

Jose Alexis Correa Valencia
0 Comentarios

Título es
CVE-2025-27598

Jue, 06/03/2025 – 23:15

Tipo
CWE-787

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-27598

Descripción en
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
7.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://github.com/SixLabors/ImageSharp/issues/2859

https://github.com/SixLabors/ImageSharp/pull/2890

https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-2cmq-823j-5qj8

Enviar en el boletín
Off