Summary: | media-libs/giflib: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | allenwebb, codec |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://sourceforge.net/p/giflib/bugs/159/ | ||
Whiteboard: | B3 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2021-04-25 17:24:42 UTC
Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. CVE-2022-28506: There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. CVE-2023-39742 """ giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. """ https://nvd.nist.gov/vuln/detail/CVE-2023-39742 |