Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use After Free in SixLabors.ImageSharp
Vulnerability Description
ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage() function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potentially leading to information disclosure. This issue has been patched in versions 3.1.3 and 2.1.7.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Vulnerability Type
释放后使用
Vulnerability Title
ImageSharp 安全漏洞
Vulnerability Description
ImageSharp是ImageSharp公司的一种新的、功能齐全、完全托管、跨平台的 2D 图形 API。 ImageSharp v3.1.3之前版本存在安全漏洞,该漏洞源于PngDecoderCore.cs文件的ImageSharp的InitializeImage()函数存在释放后重用漏洞。
CVSS Information
N/A
Vulnerability Type
N/A