Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Memory Allocation with Excessive Size Value in SixLabors.ImageSharp
Vulnerability Description
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. This flaw can be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on ImageSharp for image processing tasks. Users and administrators are advised to update to the latest version of ImageSharp that addresses this vulnerability to mitigate the risk of exploitation. The problem has been patched in v3.1.4 and v2.1.8.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未经控制的内存分配
Vulnerability Title
ImageSharp 安全漏洞
Vulnerability Description
ImageSharp是ImageSharp公司的一种新的、功能齐全、完全托管、跨平台的 2D 图形 API。 ImageSharp存在安全漏洞,该漏洞源于处理特制文件可能会导致图像解码器内存使用过多,攻击者利用该漏洞可以通过耗尽进程内存来导致拒绝服务(DoS)。
CVSS Information
N/A
Vulnerability Type
N/A