Skip to main content

Giflib

11 CVEs product

Monthly

CVE-2026-23868 MEDIUM PATCH This Month

Giflib's image processing functions are vulnerable to denial of service through a double-free memory corruption flaw triggered during shallow copy operations in GifMakeSavedImage with improper error handling. Local attackers with crafted image files can crash applications using affected Giflib versions, though exploitation requires specific and difficult-to-achieve conditions. No patch is currently available.

Information Disclosure Giflib
NVD VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2024-45993 MEDIUM This Month

Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Giflib
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-48161 HIGH POC This Week

Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Giflib
NVD GitHub
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-39742 MEDIUM POC This Month

giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Giflib
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-28506 MEDIUM POC This Month

There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Giflib Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
1.3%
CVE-2019-15133 MEDIUM This Month

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Giflib Ubuntu Linux Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2018-11490 HIGH This Week

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Giflib Sam2P Debian Linux +1
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2018-11489 HIGH POC This Week

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Giflib Sam2P
NVD GitHub
CVSS 3.1
8.8
EPSS
2.6%
CVE-2016-3177 CRITICAL PATCH Act Now

Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Giflib
NVD VulDB
CVSS 3.0
9.8
EPSS
0.5%
CVE-2016-3977 MEDIUM PATCH This Month

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Opensuse Giflib
NVD
CVSS 3.0
5.5
EPSS
0.8%
CVE-2015-7555 MEDIUM POC This Month

Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Giflib Fedora
NVD
CVSS 3.0
5.5
EPSS
0.3%
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Giflib's image processing functions are vulnerable to denial of service through a double-free memory corruption flaw triggered during shallow copy operations in GifMakeSavedImage with improper error handling. Local attackers with crafted image files can crash applications using affected Giflib versions, though exploitation requires specific and difficult-to-achieve conditions. No patch is currently available.

Information Disclosure Giflib
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Giflib
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Giflib
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Giflib
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Giflib +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM This Month

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Giflib Ubuntu Linux +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Giflib +3
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Giflib +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Giflib
NVD VulDB
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Opensuse +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Giflib +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy