Libsixelproject Libsixel
By the Year
In 2024 there have been 0 vulnerabilities in Libsixelproject Libsixel . Libsixel did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 10 | 7.55 |
2021 | 7 | 7.30 |
2020 | 3 | 7.27 |
2019 | 14 | 8.05 |
2018 | 8 | 6.41 |
It may take a day or so for new Libsixel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Libsixelproject Libsixel Security Vulnerabilities
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6
CVE-2022-29977
6.5 - Medium
- May 11, 2022
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
assertion failure
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6
CVE-2022-29978
6.5 - Medium
- May 11, 2022
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
Incorrect Calculation
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.
CVE-2021-40656
8.8 - High
- April 08, 2022
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.
Memory Corruption
libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.
CVE-2021-41715
8.8 - High
- April 08, 2022
libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.
Dangling pointer
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.
CVE-2022-27044
8.8 - High
- April 08, 2022
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.
Memory Corruption
libsixel 1.8.6 suffers
CVE-2022-27046
8.8 - High
- April 08, 2022
libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.
Dangling pointer
stb_image.h (aka the stb image loader) 2.19
CVE-2022-27938
5.5 - Medium
- March 26, 2022
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.
assertion failure
saitoha libsixel v1.8.6 was discovered to contain a double free
CVE-2020-36123
8.8 - High
- March 10, 2022
saitoha libsixel v1.8.6 was discovered to contain a double free via the component sixel_chunk_destroy at /root/libsixel/src/chunk.c.
Double-free
In libsixel 1.8.6, sixel_encoder_output_without_macro (called
CVE-2021-46700
6.5 - Medium
- February 19, 2022
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free.
Double-free
In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component of libsixel
CVE-2021-45340
6.5 - Medium
- January 25, 2022
In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component of libsixel allows attackers to cause a denial of service (DOS) via a crafted PICT file.
NULL Pointer Dereference
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
CVE-2020-21547
8.8 - High
- September 17, 2021
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
Memory Corruption
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
CVE-2020-21548
8.8 - High
- September 17, 2021
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
Memory Corruption
An issue in the dither.c component of libsixel prior to v1.8.4
CVE-2020-21048
6.5 - Medium
- September 14, 2021
An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file.
An invalid read in the stb_image.h component of libsixel prior to v1.8.5
CVE-2020-21049
6.5 - Medium
- September 14, 2021
An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file.
Out-of-bounds Read
Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at
CVE-2020-21050
6.5 - Medium
- September 14, 2021
Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c.
Memory Corruption
A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4
CVE-2020-21677
6.5 - Medium
- August 10, 2021
A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service (DOS) via converting a crafted PNG file into Sixel format.
Memory Corruption
Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6
CVE-2020-36120
7.5 - High
- April 14, 2021
Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS).
Classic Buffer Overflow
Unverified indexs into the array lead to out of bound access in the gif_out_code function in
CVE-2020-19668
6.5 - Medium
- November 20, 2020
Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6.
Buffer Overflow
load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free
CVE-2020-11721
6.5 - Medium
- April 12, 2020
load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service.
Access of Uninitialized Pointer
libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c.
CVE-2019-20205
8.8 - High
- January 02, 2020
libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c.
Integer Overflow or Wraparound
An issue was discovered in libsixel 1.8.4
CVE-2019-20140
8.8 - High
- December 30, 2019
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c.
Memory Corruption
An issue was discovered in libsixel 1.8.4
CVE-2019-20094
8.8 - High
- December 30, 2019
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c.
Memory Corruption
A heap-based buffer overflow was discovered in image_buffer_resize in
CVE-2019-20024
6.5 - Medium
- December 27, 2019
A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4.
Memory Corruption
A memory leak was discovered in image_buffer_resize in
CVE-2019-20023
6.5 - Medium
- December 27, 2019
A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4.
Missing Release of Resource after Effective Lifetime
An invalid memory address dereference was discovered in load_pnm in
CVE-2019-20022
6.5 - Medium
- December 27, 2019
An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3.
Operation on a Resource after Expiration or Release
An issue was discovered in libsixel 1.8.2
CVE-2019-19778
8.8 - High
- December 13, 2019
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c.
Out-of-bounds Read
stb_image.h (aka the stb image loader) 2.23
CVE-2019-19777
8.8 - High
- December 13, 2019
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.
Out-of-bounds Read
An issue was discovered in libsixel 1.8.2
CVE-2019-19635
9.8 - Critical
- December 08, 2019
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c.
Memory Corruption
An issue was discovered in libsixel 1.8.2
CVE-2019-19636
9.8 - Critical
- December 08, 2019
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.
Integer Overflow or Wraparound
An issue was discovered in libsixel 1.8.2
CVE-2019-19637
9.8 - Critical
- December 08, 2019
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
Integer Overflow or Wraparound
An issue was discovered in libsixel 1.8.2
CVE-2019-19638
9.8 - Critical
- December 08, 2019
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.
Memory Corruption
The load_pnm function in
CVE-2019-11024
5.5 - Medium
- April 08, 2019
The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion.
Stack Exhaustion
In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file
CVE-2019-3573
5.5 - Medium
- January 02, 2019
In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.
Infinite Loop
In libsixel v1.8.2
CVE-2019-3574
7.8 - High
- January 02, 2019
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.
Out-of-bounds Read
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2
CVE-2018-19763
5.5 - Medium
- November 30, 2018
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.
Out-of-bounds Read
There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2
CVE-2018-19762
7.8 - High
- November 30, 2018
There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact.
Memory Corruption
There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2
CVE-2018-19761
5.5 - Medium
- November 30, 2018
There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service.
Out-of-bounds Read
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2
CVE-2018-19759
5.5 - Medium
- November 30, 2018
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service.
Out-of-bounds Read
There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2
CVE-2018-19757
6.5 - Medium
- November 30, 2018
There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that will cause a denial of service.
NULL Pointer Dereference
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2
CVE-2018-19756
5.5 - Medium
- November 30, 2018
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service.
Out-of-bounds Read
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
CVE-2018-14073
7.5 - High
- July 15, 2018
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
Missing Release of Resource after Effective Lifetime
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in
CVE-2018-14072
7.5 - High
- July 15, 2018
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.
Missing Release of Resource after Effective Lifetime
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Libsixelproject Libsixel or by Libsixelproject? Click the Watch button to subscribe.