CVE-2021-45911 — Out-of-bounds Write in Gif2apng

CWE-787 — Out-of-bounds Write6 documents5 sources

Severity

7.8HIGHNVD

EPSS

0.3%

top 45.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gif2apng Project Gif2apng Debian Gif2apng Debian Linux

Timeline

PublishedDec 28

Latest updateMar 23

Description

An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/gif2apng< gif2apng 1.9+srconly-3+deb11u1 (bullseye)

▶Debiangif2apng_project/gif2apng< 1.9+srconly-3+deb11u1

▶Ubuntugif2apng_project/gif2apng< 1.9+srconly-2ubuntu0.1+2

▶NVDgif2apng_project/gif2apng1.9

Also affects: Debian Linux 9.0

🔴Vulnerability Details

OSV

gif2apng vulnerabilities↗2023-03-23

▶

GHSA

GHSA-2pj8-x98c-rm2q: An issue was discovered in gif2apng 1↗2021-12-29

▶

OSV

CVE-2021-45911: An issue was discovered in gif2apng 1↗2021-12-28

▶

📋Vendor Advisories

Ubuntu

gif2apng vulnerabilities↗2023-03-23

▶

Debian

CVE-2021-45911: gif2apng - An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow i...↗2021

▶