CVE-2025-31344

Опубликовано: 14 апр. 2025

Источник: debian

EPSS Низкий

Описание

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.

Пакеты

Пакет	Статус	Релиз	Тип
giflib	unfixed		package
giflib	no-dsa	trixie	package
giflib	no-dsa	bookworm	package
giflib	postponed	bullseye	package

Примечания

https://www.openwall.com/lists/oss-security/2025/04/07/3
https://sourceforge.net/p/giflib/bugs/176/
Fixed by: https://sourceforge.net/p/giflib/code/ci/7bbe8ea1a595bb7509ffa0a86b076e9b720e85af/ (6.1.1)

EPSS

Процентиль: 31%

0.0012

Низкий

Связанные уязвимости

CVE-2025-31344

CVSS3: 7.3

ubuntu

12 месяцев назад

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.

CVE-2025-31344

CVSS3: 5.9

redhat

12 месяцев назад

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.

CVE-2025-31344

CVSS3: 7.3

nvd

12 месяцев назад

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.

CVE-2025-31344

CVSS3: 7.3

msrc

12 месяцев назад

The giflib open-source component has a buffer overflow vulnerability

SUSE-SU-2025:1164-1

suse-cvrf

12 месяцев назад

Security update for giflib

EPSS

Процентиль: 31%

0.0012

Низкий