Libsixel
Sign in to watchby Saitoha
Source repositories
CVEs (48)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-21050 | Med | 0.35 | 6.5 | 0.01 | Sep 14, 2021 | Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c. | |
| CVE-2020-21049 | Med | 0.35 | 6.5 | 0.00 | Sep 14, 2021 | An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file. | |
| CVE-2020-21048 | Med | 0.35 | 6.5 | 0.00 | Sep 14, 2021 | An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. | |
| CVE-2019-20024 | Med | 0.35 | 6.5 | 0.00 | Dec 27, 2019 | A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. | |
| CVE-2019-20023 | Med | 0.35 | 6.5 | 0.00 | Dec 27, 2019 | A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. | |
| CVE-2019-20022 | Med | 0.35 | 6.5 | 0.00 | Dec 27, 2019 | An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. | |
| CVE-2025-9300 | Med | 0.34 | 5.3 | 0.00 | Aug 21, 2025 | A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is identified as 316c086e79d66b62c0c4bc66229ee894e4fdb7d1. Applying a patch is advised to resolve this issue. | |
| CVE-2025-61146 | Med | 0.19 | 4.0 | 0.00 | Feb 23, 2026 | saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c. |
Page 3 of 3