CVE-2025-54575: SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks

CVSS Score: 5.3 (CVSS v3.1)

Basic Information

EPSS Score: -
Published: 7/30/2025
Updated: 7/30/2025
KEV Status: No
Technology: C#

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
SixLabors.ImageSharp | nuget | < 2.1.11 | 2.1.11
SixLabors.ImageSharp | nuget | >= 3.0.0, < 3.1.11 | 3.1.11

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability is a denial of service caused by an infinite loop in the GIF decoder of SixLabors.ImageSharp when it processes a malformed GIF file. The advisory references two commits that patch the issue; in both, the changes are concentrated in the ReadComments method of GifDecoderCore.cs. A GIF comment extension is a chain of size-prefixed data sub-blocks that ends with a zero-length block terminator, and the decoder skips the extension by reading size bytes until it sees that terminator. A file that omits the terminator leaves the decoder reading past the end of the data, and before the patch that condition never ended the loop. The patch adds a check for the end of the stream being reached unexpectedly while a comment block is being read, which is what makes the skip terminate. SixLabors.ImageSharp.Formats.Gif.GifDecoderCore.ReadComments is therefore identified as the vulnerable function. Per the CVSS vector the trigger needs no privileges or user interaction, only a malicious GIF reaching the decoder, so a call into this function that never returns while decoding untrusted input is the key indicator in a runtime profile.
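To make the failure mode concrete, the following is an added example in Python; it is not SixLabors.ImageSharp code and does not reproduce the library's implementation. It builds two constructed GIF files, one with a well-formed comment extension and one whose comment extension lacks the block terminator, and runs each through two skip loops: a "naive" one that stops only on a 0x00 size byte (an assumption about the pre-patch shape, modelled with a ReadByte()-style primitive that returns -1 at end of stream) and a hardened one that treats end of stream inside the extension as a format error, which is the kind of check the analysis above describes the patch adding. The naive loop is capped by an iteration budget so the demo returns instead of hanging.

```python
"""Model of the GIF comment-extension skip loop (added example, not library code).

Assumptions: a ReadByte()-style primitive returning -1 at end of stream, and a
pre-patch loop that stops only on a 0x00 block terminator. All GIF bytes below
are constructed test data.
"""
import io

GIF_HEADER = b"GIF89a"
EXTENSION_INTRODUCER = 0x21
COMMENT_LABEL = 0xFE

# Logical screen descriptor (1x1, no global color table) plus a minimal image
# descriptor, LZW data and trailer, so the file is well-formed apart from the
# comment extension under test.
LSD = b"\x01\x00\x01\x00\x00\x00\x00"
IMAGE = (b"\x2c" + b"\x00\x00\x00\x00\x01\x00\x01\x00\x00"
         + b"\x02\x02\x44\x01\x00" + b"\x3b")


def comment_extension(chunks, terminated=True):
    """Encode a Comment Extension: introducer, label, size-prefixed data
    sub-blocks, then the zero-length block terminator (omitted on request)."""
    out = bytearray([EXTENSION_INTRODUCER, COMMENT_LABEL])
    for chunk in chunks:
        if not 1 <= len(chunk) <= 255:
            raise ValueError("a data sub-block holds 1..255 bytes")
        out.append(len(chunk))
        out += chunk
    if terminated:
        out.append(0)
    return bytes(out)


def build_gif(chunks, terminated=True):
    return GIF_HEADER + LSD + comment_extension(chunks, terminated) + IMAGE


def read_byte(stream):
    """Stream.ReadByte()-style primitive: next byte as int, or -1 at end."""
    b = stream.read(1)
    return b[0] if b else -1


class SkipLoopStuck(Exception):
    """Raised by the naive skipper once it has clearly stopped making progress."""


def skip_comment_naive(stream, max_iterations=1000):
    """Terminator-driven skip (assumed pre-patch shape). Past the end of the
    data read_byte() yields -1, which is not 0, and seeking by -1 steps back
    one byte, so an unterminated extension never ends the loop. The iteration
    budget stands in for the real hang so the demo returns."""
    sub_blocks = 0
    for _ in range(max_iterations):
        size = read_byte(stream)
        if size == 0:
            return sub_blocks
        stream.seek(size, io.SEEK_CUR)  # size == -1 walks backwards
        sub_blocks += 1
    raise SkipLoopStuck(f"no block terminator after {max_iterations} iterations")


def skip_comment_hardened(stream):
    """Same loop plus an end-of-stream check: EOF anywhere inside the
    extension is a format error, not something to retry."""
    sub_blocks = 0
    while True:
        size = read_byte(stream)
        if size == -1:
            raise ValueError("end of stream inside comment extension (missing terminator)")
        if size == 0:
            return sub_blocks
        payload = stream.read(size)
        if len(payload) != size:
            raise ValueError("truncated comment sub-block")
        sub_blocks += 1


def locate_comment_extension(gif):
    """Offset just past the first 0x21 0xFE after the screen descriptor.
    Assumes no global color table, which is what build_gif emits."""
    idx = gif.find(bytes([EXTENSION_INTRODUCER, COMMENT_LABEL]),
                   len(GIF_HEADER) + len(LSD))
    if idx < 0:
        raise ValueError("no comment extension found")
    return idx + 2


def run_skipper(skipper, gif):
    stream = io.BytesIO(gif)
    stream.seek(locate_comment_extension(gif))
    return skipper(stream)


def demo():
    """Run both skippers over a well-formed and an unterminated comment extension."""
    good = build_gif([b"hello", b"world"])
    bad = build_gif([b"hello"], terminated=False)
    results = {
        "naive/good": run_skipper(skip_comment_naive, good),
        "hardened/good": run_skipper(skip_comment_hardened, good),
    }
    try:
        results["naive/bad"] = run_skipper(skip_comment_naive, bad)
    except SkipLoopStuck:
        results["naive/bad"] = "stuck"
    try:
        results["hardened/bad"] = run_skipper(skip_comment_hardened, bad)
    except ValueError:
        results["hardened/bad"] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

On the unterminated file the bytes that follow the comment data (here the image descriptor) are consumed as if they were a sub-block size, which carries the read past the end of the stream; the naive loop then cycles without ever seeing a 0x00, while the hardened loop fails closed on the first short read. The same check generalises to every GIF data sub-block chain (image data, application and plain-text extensions), not only comments.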

Vulnerable functions

Only Miggo users can see this section.

WAF Protection Rules

WAF Rule

Impact

A specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of serv
