CVE-2023-48161 (https://github.com/tacetool/TACE#cve-2023-48161): Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c
Is there an upstream report?
Yes, sorry, I wasn't sure which to use since they were both linked in the CVE https://sourceforge.net/p/giflib/bugs/167/