Libsixel
Sign in to watchby Saitoha
Source repositories
CVEs (48)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19638 | Cri | 0.64 | 9.8 | 0.01 | Dec 8, 2019 | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow. | |
| CVE-2019-19637 | Cri | 0.64 | 9.8 | 0.00 | Dec 8, 2019 | An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c. | |
| CVE-2019-19636 | Cri | 0.64 | 9.8 | 0.00 | Dec 8, 2019 | An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c. | |
| CVE-2019-19635 | Cri | 0.64 | 9.8 | 0.01 | Dec 8, 2019 | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c. | |
| CVE-2022-27046 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2022 | libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388. | |
| CVE-2022-27044 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2022 | libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. | |
| CVE-2021-41715 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2022 | libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. | |
| CVE-2020-21548 | Hig | 0.57 | 8.8 | 0.00 | Sep 17, 2021 | Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. | |
| CVE-2020-21547 | Hig | 0.57 | 8.8 | 0.00 | Sep 17, 2021 | Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. | |
| CVE-2019-20205 | Hig | 0.57 | 8.8 | 0.00 | Jan 2, 2020 | libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. | |
| CVE-2019-20140 | Hig | 0.57 | 8.8 | 0.01 | Dec 30, 2019 | An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c. | |
| CVE-2019-20094 | Hig | 0.57 | 8.8 | 0.00 | Dec 30, 2019 | An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c. | |
| CVE-2019-19778 | Hig | 0.57 | 8.8 | 0.00 | Dec 13, 2019 | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c. | |
| CVE-2019-19777 | Hig | 0.57 | 8.8 | 0.00 | Dec 13, 2019 | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. | |
| CVE-2026-33023 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load_with_gdkpixbuf() in loader.c. The cleanup path manually frees the sixel_frame_t object and its internal buffers without consulting the reference count, even though the object was created via the refcounted constructor sixel_frame_new() and exposed to the public callback. A callback that calls sixel_frame_ref(frame) to retain a logically valid reference will hold a dangling pointer after sixel_helper_load_image_file() returns, and any subsequent access to the frame or its fields triggers a use-after-free confirmed by AddressSanitizer. The root cause is a consistency failure between two cleanup strategies in the same codebase: sixel_frame_unref() is used in load_with_builtin() but raw free() is used in load_with_gdkpixbuf(). An attacker supplying a crafted image to any application built against libsixel with gdk-pixbuf2 support can trigger this reliably, potentially leading to information disclosure, memory corruption, or code execution. This issue has been fixed in version 1.8.7-r1. | |
| CVE-2019-3574 | Hig | 0.51 | 7.8 | 0.00 | Jan 2, 2019 | In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. | |
| CVE-2018-19762 | Hig | 0.51 | 7.8 | 0.00 | Nov 30, 2018 | There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact. | |
| CVE-2021-40656 | Hig | 0.50 | 8.8 | 0.00 | Apr 8, 2022 | libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. | |
| CVE-2020-36120 | Hig | 0.49 | 7.5 | 0.00 | Apr 14, 2021 | Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). | |
| CVE-2018-14073 | Hig | 0.49 | 7.5 | 0.00 | Jul 15, 2018 | libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. |
Page 1 of 3