Vulnerability Details CVE-2025-27598
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-27598
-
cpe:2.3:a:sixlabors:imagesharp:1.0.0
-
cpe:2.3:a:sixlabors:imagesharp:1.0.1
-
cpe:2.3:a:sixlabors:imagesharp:1.0.2
-
cpe:2.3:a:sixlabors:imagesharp:1.0.3
-
cpe:2.3:a:sixlabors:imagesharp:1.0.4
-
cpe:2.3:a:sixlabors:imagesharp:2.0.0
-
cpe:2.3:a:sixlabors:imagesharp:2.1.0
-
cpe:2.3:a:sixlabors:imagesharp:2.1.1
-
cpe:2.3:a:sixlabors:imagesharp:2.1.2
-
cpe:2.3:a:sixlabors:imagesharp:2.1.3
-
cpe:2.3:a:sixlabors:imagesharp:2.1.4
-
cpe:2.3:a:sixlabors:imagesharp:2.1.5
-
cpe:2.3:a:sixlabors:imagesharp:2.1.6
-
cpe:2.3:a:sixlabors:imagesharp:2.1.7
-
cpe:2.3:a:sixlabors:imagesharp:2.1.8
-
cpe:2.3:a:sixlabors:imagesharp:2.1.9
-
cpe:2.3:a:sixlabors:imagesharp:3.0.0
-
cpe:2.3:a:sixlabors:imagesharp:3.0.1
-
cpe:2.3:a:sixlabors:imagesharp:3.0.2
-
cpe:2.3:a:sixlabors:imagesharp:3.1.0
-
cpe:2.3:a:sixlabors:imagesharp:3.1.1
-
cpe:2.3:a:sixlabors:imagesharp:3.1.2
-
cpe:2.3:a:sixlabors:imagesharp:3.1.3
-
cpe:2.3:a:sixlabors:imagesharp:3.1.4
-
cpe:2.3:a:sixlabors:imagesharp:3.1.5
-
cpe:2.3:a:sixlabors:imagesharp:3.1.6