Libsixel
Monthly
libsixel versions prior to 1.8.7-r2 crash on memory allocation failure in sixel_decode_raw and sixel_decode functions due to incorrect NULL pointer validation, allowing local attackers to trigger denial of service under low-memory conditions. The vulnerability affects any application using libsixel's public decoding APIs when system memory pressure causes malloc to fail.
Heap buffer overflow in libsixel 1.8.7 and earlier allows local attackers to achieve arbitrary code execution by providing a maliciously crafted large palettised PNG image that triggers integer overflow in RGB888 conversion routines. The vulnerability requires user interaction to process the malicious image but no authentication. EPSS data not available; no public exploit identified at time of analysis, though the technical details in the advisory provide sufficient information for weaponization. Vendor-released patch: version 1.8.7-r1.
Out-of-bounds heap read in libsixel img2sixel via integer overflow allows local attackers to crash the application and potentially leak sensitive memory contents when processing malicious --crop arguments with otherwise valid images. Affects libsixel 1.8.7 and earlier; patched in 1.8.7-r1. EPSS data not available, but exploitation requires local access with user interaction (CVSS AV:L/UI:R). No CISA KEV listing; no public exploit identified at time of analysis.
Heap use-after-free in libsixel 1.8.7 and earlier allows local code execution when processing malicious animated GIF files through the sixel_helper_load_image_file() API with multi-frame callbacks. The vulnerability triggers when gif_init_frame() unconditionally frees and reallocates frame->pixels between frames while client code retains references via the documented sixel_frame_ref() API, creating dangling pointers confirmed by AddressSanitizer. Fixed in version 1.8.7-r1. No public exploit iden
Use-after-free in libsixel's gdk-pixbuf2 loader enables local attackers to achieve code execution via crafted images. Affects libsixel versions through 1.8.7 when compiled with --with-gdk-pixbuf2 option. The vulnerability stems from inconsistent memory management in load_with_gdkpixbuf(), which manually frees reference-counted frame objects, leaving dangling pointers that callbacks can access post-cleanup. CVSS 7.8 (High) with local attack vector requiring user interaction. Fixed in version 1.8.7-r1. No confirmed active exploitation (CISA KEV), though proof-of-concept feasibility is high given the deterministic nature of the memory corruption.
Use-after-free in libsixel 1.8.7 and earlier enables local attackers to crash applications or execute arbitrary code via crafted SIXEL image frames. The vulnerability occurs when sixel_encoder_encode_bytes() processes resize operations that free caller-owned pixel buffers, creating dangling pointers exploitable through repeated, predictable frame manipulation. EPSS data not available; no confirmed active exploitation (not in CISA KEV), but the technical details suggest reliable exploitation potential for local privilege escalation or RCE scenarios.
saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c. [CVSS 4.0 MEDIUM]
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component of libsixel allows attackers to cause a denial of service (DOS) via a crafted PICT file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service (DOS) via converting a crafted PNG file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
libsixel versions prior to 1.8.7-r2 crash on memory allocation failure in sixel_decode_raw and sixel_decode functions due to incorrect NULL pointer validation, allowing local attackers to trigger denial of service under low-memory conditions. The vulnerability affects any application using libsixel's public decoding APIs when system memory pressure causes malloc to fail.
Heap buffer overflow in libsixel 1.8.7 and earlier allows local attackers to achieve arbitrary code execution by providing a maliciously crafted large palettised PNG image that triggers integer overflow in RGB888 conversion routines. The vulnerability requires user interaction to process the malicious image but no authentication. EPSS data not available; no public exploit identified at time of analysis, though the technical details in the advisory provide sufficient information for weaponization. Vendor-released patch: version 1.8.7-r1.
Out-of-bounds heap read in libsixel img2sixel via integer overflow allows local attackers to crash the application and potentially leak sensitive memory contents when processing malicious --crop arguments with otherwise valid images. Affects libsixel 1.8.7 and earlier; patched in 1.8.7-r1. EPSS data not available, but exploitation requires local access with user interaction (CVSS AV:L/UI:R). No CISA KEV listing; no public exploit identified at time of analysis.
Heap use-after-free in libsixel 1.8.7 and earlier allows local code execution when processing malicious animated GIF files through the sixel_helper_load_image_file() API with multi-frame callbacks. The vulnerability triggers when gif_init_frame() unconditionally frees and reallocates frame->pixels between frames while client code retains references via the documented sixel_frame_ref() API, creating dangling pointers confirmed by AddressSanitizer. Fixed in version 1.8.7-r1. No public exploit iden
Use-after-free in libsixel's gdk-pixbuf2 loader enables local attackers to achieve code execution via crafted images. Affects libsixel versions through 1.8.7 when compiled with --with-gdk-pixbuf2 option. The vulnerability stems from inconsistent memory management in load_with_gdkpixbuf(), which manually frees reference-counted frame objects, leaving dangling pointers that callbacks can access post-cleanup. CVSS 7.8 (High) with local attack vector requiring user interaction. Fixed in version 1.8.7-r1. No confirmed active exploitation (CISA KEV), though proof-of-concept feasibility is high given the deterministic nature of the memory corruption.
Use-after-free in libsixel 1.8.7 and earlier enables local attackers to crash applications or execute arbitrary code via crafted SIXEL image frames. The vulnerability occurs when sixel_encoder_encode_bytes() processes resize operations that free caller-owned pixel buffers, creating dangling pointers exploitable through repeated, predictable frame manipulation. EPSS data not available; no confirmed active exploitation (not in CISA KEV), but the technical details suggest reliable exploitation potential for local privilege escalation or RCE scenarios.
saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c. [CVSS 4.0 MEDIUM]
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component of libsixel allows attackers to cause a denial of service (DOS) via a crafted PICT file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service (DOS) via converting a crafted PNG file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in libsixel 1.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.