Giflibproject Giflib
By the Year
In 2024 there have been 0 vulnerabilities in Giflibproject Giflib . Last year Giflib had 2 security vulnerabilities published. Right now, Giflib is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 2 | 6.30 |
| 2022 | 2 | 7.15 |
| 2021 | 1 | 7.10 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 6.50 |
| 2018 | 2 | 8.80 |
It may take a day or so for new Giflib vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Giflibproject Giflib Security Vulnerabilities
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1
CVE-2023-48161
7.1 - High
- November 22, 2023
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c
Memory Corruption
giflib v5.2.1 was discovered to contain a segmentation fault
CVE-2023-39742
5.5 - Medium
- August 25, 2023
giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.
Classic Buffer Overflow
A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4
CVE-2021-40633
8.8 - High
- June 14, 2022
A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.
Memory Leak
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
CVE-2022-28506
5.5 - Medium
- April 25, 2022
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
Memory Corruption
An issue was discovered in giflib through 5.1.4
CVE-2020-23922
7.1 - High
- April 21, 2021
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.
Out-of-bounds Read
In GIFLIB before 2019-02-16
CVE-2019-15133
6.5 - Medium
- August 17, 2019
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
Divide By Zero
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow
CVE-2018-11489
8.8 - High
- May 26, 2018
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact.
Memory Corruption
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow
CVE-2018-11490
8.8 - High
- May 26, 2018
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Giflibproject? Click the Watch button to subscribe.
