5.3

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-rxmq-m78w-7wmc

EPSS Score

CWE

CWE-400

Published

7/30/2025

Updated

7/30/2025

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-rxmq-m78w-7wmc

GHSA-rxmq-m78w-7wmc: SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks

Impact

A specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input should upgrade to a patched version.

Patches

The problem has been patched. All users are advised to upgrade to v3.1.11 or v2.1.11.

Workarounds

None.

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-rxmq-m78w-7wmc

EPSS Score

CWE

CWE-400

Published

7/30/2025

Updated

7/30/2025

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
SixLabors.ImageSharp	nuget	< 2.1.11	2.1.11
SixLabors.ImageSharp	nuget	>= 3.0.0, < 3.1.11	3.1.11

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The analysis of the provided patches in commits 55e49262df9a057dff9b7807ed1b7bdb49187c3f and 833f3ceec35af6b775950e06f03b934546cefbf6 points to a single vulnerable function. The vulnerability, an infinite loop leading to a denial of service, is located in the SixLabors.ImageSharp.Formats.Gif.GifDecoderCore.ReadComments function. The patch introduces a crucial check for an end-of-stream condition while reading GIF comment sub-blocks. The absence of this check in the vulnerable version leads to an infinite loop when a specially crafted GIF with a malformed comment extension is processed. Therefore, any runtime profile or stack trace generated during the exploitation of this vulnerability would show the SixLabors.ImageSharp.Formats.Gif.GifDecoderCore.ReadComments function as the point of failure.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * sp**i*lly *r**t** *I* *il* *ont*inin* * m*l*orm** *omm*nt *xt*nsion *lo*k (wit* * missin* *lo*k t*rmin*tor) **n **us* t** Im***S**rp *I* ***o**r to *nt*r *n in*init* loop w*il* *tt*mptin* to skip t** *lo*k. T*is l***s to * **ni*l o* s*rv

Reasoning

T** *n*lysis o* t** provi*** p*t***s in *ommits `****************************************` *n* `****************************************` points to * sin*l* vuln*r**l* *un*tion. T** vuln*r**ility, *n in*init* loop l***in* to * **ni*l o* s*rvi**, is l

5.3

Basic Information

Concerned about an active attack path?

GHSA-rxmq-m78w-7wmc: SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks

Impact

Patches

Workarounds

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI