CVE-2024-45993
Published 2024-09-30
CVE-2024-45993: Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
Priority: P4 · 31 · medium · 6.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS: 0.46% (36.6th percentile)
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | giflib | — | — |
| giflib_project | giflib | — | — |
CVSS provenance
nvd · v3.1 · 6.5 · MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
osv · 6.5 · MEDIUM
vendor_debian · 6.5 · LOW
vendor_redhat · 6.5 · MEDIUM
Red Hat
giflib: heap buffer overflow via gif2rgb
vendor_redhat·2024-09-30·CVSS 6.5
CVE-2024-45993 [MEDIUM] CWE-122 giflib: heap buffer overflow via gif2rgb
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
A flaw was found in the GIFLIB project. Processing specially-crafted input may trigger a heap buffer overflow condition, which can cause a denial of service.
Statement: No Red Hat products are affected by this vulnerability.
Package: java-11-openjdk-portable (Red Hat build of OpenJDK 11) - Not affected
Package: java-17-openjdk-portable (Red Hat build of OpenJDK 17) - Not affected
Package: java-1.8.0-openjdk-portable (Red Hat build of OpenJDK 1.8) - Not affected
Package: java-21-openjdk-portable-rhel7 (Red Hat build of OpenJDK 21) - Not affected
Package: giflib (Red Hat Enterprise Linux 10) - Not affected
Package: java-21-openjdk (Red Hat Enterprise Linux 10) - Not af
Debian
CVE-2024-45993: giflib - Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
vendor_debian·2024·CVSS 6.5
CVE-2024-45993 [MEDIUM] CVE-2024-45993: giflib - Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
GHSA
GHSA-pp67-vh85-488h: Giflib Project v5
ghsa_unreviewed·2024-09-30
CVE-2024-45993 [MEDIUM] CWE-122 GHSA-pp67-vh85-488h: Giflib Project v5
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
OSV
CVE-2024-45993: Giflib Project v5
osv·2024-09-30·CVSS 6.5
CVE-2024-45993 [MEDIUM] CVE-2024-45993: Giflib Project v5
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
No detection rules found.
No public exploits indexed.
Published: 2024-09-30