Libsixel
CVE-2025-61146
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
3DescriptionCVE.org
saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.
AnalysisAI
saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c. [CVSS 4.0 MEDIUM]
Technical ContextAI
Classified as CWE-401 (Memory Leak). Affects the a memory leak via the component of Libsixel. saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.
RemediationAI
A vendor patch is available — apply it immediately.
An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n
An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n
libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. Rated high severity (CVSS 8.8), this vulnerabil
libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. Rated high severity (CVSS 8.8), this vulne
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. Rated high sev
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. Rated high severity (C
An issue was discovered in libsixel 1.8.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read i
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. Rated high severity (CVSS 8.8), this
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. Rated high severity (CVSS 8.8), this vulnerab
libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388. Rated high severity (CV
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstr
Same weakness CWE-401 – Memory Leak
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: LowShare
External POC / Exploit Code
Leaving vuln.today