Giflib Project

giflib_project

14 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (14)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-26740 1Giflib Project 1Giflib Mar 21, 2026 Mar 18, 2026 N/A· v4 8.2 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated si...Show more Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.Show less
CVE-2026-23868 1Giflib Project 1Giflib May 7, 2026 Mar 10, 2026 N/A· v4 5.1 MEDIUM· v3 N/A· v2 Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
CVE-2024-45993 1Giflib Project 1Giflib Jul 10, 2025 Sep 30, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
CVE-2023-48161 1Giflib Project 1Giflib Nov 21, 2024 Nov 22, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c
CVE-2023-39742 1Giflib Project 1Giflib Nov 21, 2024 Aug 25, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.
CVE-2021-40633 1Giflib Project 1Giflib Nov 21, 2024 Jun 14, 2022 N/A· v4 8.8 HIGH· v3 5.1 MEDIUM· v2 A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.
CVE-2022-28506 2Fedoraproject Giflib Project 2Fedora Giflib Nov 21, 2024 Apr 25, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
CVE-2020-23922 2Apache Giflib Project 2Bookkeeper Giflib Nov 21, 2024 Apr 21, 2021 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
CVE-2019-15133 3Canonical DebianGiflib Project 3Debian Linux GiflibUbuntu Linux Nov 21, 2024 Aug 17, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
CVE-2018-11490 4Canonical DebianGiflib Project+1 more 4Debian Linux GiflibSam2p+1 more Nov 21, 2024 May 26, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is n...Show more The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.Show less
CVE-2018-11489 2Giflib Project Sam2p Project 2Giflib Sam2p Nov 21, 2024 May 26, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This w...Show more The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact.Show less
CVE-2016-3177 1Giflib Project 1Giflib May 13, 2026 Jan 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
CVE-2016-3977 2Giflib Project Opensuse 2Giflib Opensuse May 6, 2026 Apr 21, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.
CVE-2015-7555 2Fedoraproject Giflib Project 2Fedora Giflib May 6, 2026 Apr 13, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.