CVE-2025-54575 – ImageSharp GIF Denial of Service

July 30, 2025

CVE ID : CVE-2025-54575

Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago

Description : ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input should upgrade to a patched version. This issue is fixed in versions 2.1.11 and 3.1.11.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-54581 – Vproxy HTTP Proxy-Authorization Header DoS Vulnerability

Next Article CVE-2025-54576 – OAuth2-Proxy Regex Pattern Bypass Authentication Vulnerability

Highlights

CVE-2024-51977 – HP Printer Information Disclosure

June 25, 2025

CVE ID : CVE-2024-51977

Published : June 25, 2025, 8:15 a.m. | 2 hours, 42 minutes ago

Description : An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631), can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mnt_info.csv can be accessed via a GET request and no authentication is required. The returned result is a comma separated value (CSV) table of information. The leaked information includes the device’s model, firmware version, IP address, and serial number.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Everything We Know About Livewire 4

Everything We Know About Livewire 4

Write Faster With WordPress’ Shortcodes

Build, Run, and Integrate Your Own LLM with Ollama

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2025-54575 – ImageSharp GIF Denial of Service

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

Windows 10 removes Start menu jump lists (file list) for tiles in April 2025 Update

CVE-2025-50460 – Apache Ms-Swift Remote Code Execution (RCE)

Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito

Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks

CVE-2024-51977 – HP Printer Information Disclosure

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

CVE-2025-5820 – Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass

IBM i Vulnerability Allows Let Attackers Escalate Privileges

CVE-2025-54575 – ImageSharp GIF Denial of Service

Related Posts