Saitoha Libsixel vulnerabilities
6 known vulnerabilities affecting saitoha/libsixel.
Total CVEs: 6
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 5, MEDIUM 1
Vulnerabilities
CVE-2026-33021 | HIGH | CVSS 7.3 | CWE-416 | fixed in 1.8.7-r1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixel_encoder_encode_bytes() because sixel_frame_init() stores the caller-owned pixel buffer pointer directly in frame->pixels without making a defensive copy. When a resize operation is triggered, sixel_fra
cvelistv5, nvd
CVE-2026-33018 | HIGH | CVSS 7.0 | CWE-416 | fixed in 1.8.7-rc1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the load_gif() function in fromgif.c, where a single sixel_frame_t object is reused across all frames of an animated GIF and gif_init_frame() unconditionally frees and reallocates frame->pixels between fram
cvelistv5, nvd
CVE-2026-33020 | HIGH | CVSS 7.1 | CWE-122 | fixed in 1.8.7-r1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixel_frame_convert_to_rgb888() in frame.c, where allocation size and pointer offset computations for palettised images (PAL1, PAL2, PAL4) are performed using int arithmetic befor
cvelistv5, nvd
CVE-2026-33023 | HIGH | CVSS 7.8 | CWE-416 | fixed in 1.8.7-r1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load_with_gdkpixbuf() in loader.c. The cleanup path manually frees the sixel_frame_t object and its internal buffers without consulting the reference count,
cvelistv5, nvd
CVE-2026-33019 | HIGH | CVSS 7.1 | CWE-125 | fixed in 1.8.7-r1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INT_MAX are accepted without overflow-safe bounds checking. In sixel_encoder_do_clip(), the expression cli
cvelistv5, nvd
CVE-2025-9300 | MEDIUM | CVSS 4.8 | CWE-119 | v1.10.0, v1.10.1, +2 more | 2025-08-21
A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is
cvelistv5, nvd