Browse all 7 CVE security advisories affecting SixLabors. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SixLabors develops open-source image processing libraries for .NET, primarily used for image manipulation and generation. Historically, their vulnerabilities have commonly included remote code execution (RCE) through deserialization flaws and cross-site scripting (XSS) in web-related components. While no major public security incidents have been widely reported, the 7 CVEs on record highlight recurring issues in input validation and unsafe deserialization. Their codebase often requires strict input sanitization to prevent RCE, particularly in image parsing functions. Security researchers have noted that while vulnerabilities are typically patched promptly, the complexity of image processing libraries presents an ongoing attack surface for exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54575 | ImageSharp Triggers an Infinite Loop in its GIF Decoder When Skipping Malformed Comment Extension Blocks — ImageSharpCWE-400 | 5.3 | Medium | 2025-07-30 |
| CVE-2025-27598 | Out-of-bounds Write in SixLabors ImageSharp — ImageSharpCWE-787 | 7.5 | High | 2025-03-06 |
| CVE-2024-41132 | SixLabors ImageSharp Allows Excessive Memory Allocation in Gif Decoder — ImageSharpCWE-789 | 5.3 | Medium | 2024-07-22 |
| CVE-2024-41131 | Out-of-bounds Write in SixLabors ImageSharp — ImageSharpCWE-787 | 7.5 | High | 2024-07-22 |
| CVE-2024-32036 | SixLabors.ImageSharp vulnerable to data leakage — ImageSharpCWE-226 | 5.3 | Medium | 2024-04-15 |
| CVE-2024-32035 | Memory Allocation with Excessive Size Value in SixLabors.ImageSharp — ImageSharpCWE-789 | 5.3 | Medium | 2024-04-15 |
| CVE-2024-27929 | Use After Free in SixLabors.ImageSharp — ImageSharpCWE-416 | 7.1 | High | 2024-03-05 |
This page lists every published CVE security advisory associated with SixLabors. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.