CVE-2023-39742

Name
CVE-2023-39742
Description
giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

| Type | URI |
|------|-----|
| MISC | https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084 |
| MISC | https://sourceforge.net/p/giflib/bugs/166/ |
|      | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4RLSFGPBPR3FMIUJCWPGVIYIU35YGQX/ |
|      | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5WO6WL2TCGO6T4VKGACDIVSZI74WJAU/ |
|      | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPNBOB65TEA4ZEPLVENI26BY4LEX7TEF/ |

Match rules

| CPE URI | Source package | Min version | Max version |
|---------|----------------|-------------|-------------|
| cpe:2.3:a:giflib_project:giflib:5.2.1:*:*:*:*:*:*:* | giflib | == None | == 5.2.1 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|----------------|--------|---------|------------|--------|
| giflib | 3.16-main | 5.2.1-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| giflib | 3.15-main | 5.2.1-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| giflib | edge-main | 5.2.2-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| giflib | 3.19-main | 5.2.2-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| giflib | 3.18-main | 5.2.2-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| giflib | 3.17-main | 5.2.2-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| giflib | 3.20-main | 5.2.2-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |