Описание
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| giflib | fixed | 5.2.2-1 | package |
Примечания
https://sourceforge.net/p/giflib/bugs/151/
Specific to gif2rgb. Crash in CLI tool, no security impact
Reproducer does not trigger using giflib 5.2.1-2.5 with asan or valgrind.
Связанные уязвимости
CVSS3: 7.1
ubuntu
почти 5 лет назад
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
CVSS3: 5.5
redhat
почти 5 лет назад
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
CVSS3: 7.1
nvd
почти 5 лет назад
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
CVSS3: 7.1
github
больше 3 лет назад
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.