cbcvebase.
CVE-2023-48161
published 2023-11-22

Priority: P426, high, 7.1 (CVSS 3.1)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.42% (33.8th percentile)
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c

Affected

13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | giflib | < giflib 5.2.2-1 (forky) | giflib 5.2.2-1 (forky) |
| giflib_project | giflib | | |
| giflib_project | giflib | >= 0 < 5.2.2-1 | 5.2.2-1 |
| giflib_project | giflib | >= 0 < 5.2.2-1 | 5.2.2-1 |
| msrc | azl3_giflib_5.2.1-10_on_azure_linux_3.0 | | |
| msrc | azl3_giflib_5.2.1-7_on_azure_linux_3.0 | | |
| msrc | azl3_tensorflow_2.16.1-9_on_azure_linux_3.0 | | |
| msrc | azure_linux_3.0_arm | | |
| msrc | azure_linux_3.0_x64 | | |
| msrc | cbl2_giflib_5.2.1-7_on_cbl_mariner_2.0 | | |
| msrc | cbl2_tensorflow_2.11.1-2_on_cbl_mariner_2.0 | | |
| msrc | cbl_mariner_2.0_arm | | |
| msrc | cbl_mariner_2.0_x64 | | |

CVSS provenance

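| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
| osv | | 7.1 | HIGH | |
| vendor_debian | | 7.1 | LOW | |
| vendor_msrc | | 7.1 | HIGH | |
| vendor_redhat | | 7.1 | HIGH | |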