[ALPINE:CVE-2016-3977] giflib vulnerability
Severity
Medium
Affected Packages
3
Fixed Packages
3
CVEs
1
[From CVE-2016-3977] Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.
Package | Affected Version |
---|---|
pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4 | < 5.1.4-r0 |
pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4 | < 5.1.4-r0 |
pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4 | < 5.1.4-r0 |
Package | Fixed Version |
---|---|
pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4 | = 5.1.4-r0 |
pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4 | = 5.1.4-r0 |
pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4 | = 5.1.4-r0 |
- ID
- ALPINE:CVE-2016-3977
- Severity
- medium
- URL
- https://security.alpinelinux.org/vuln/CVE-2016-3977
- Published
-
2016-04-21T14:59:02
(8 years ago) - Modified
-
2016-04-21T14:59:02
(8 years ago) - Rights
- Alpine Linux Security Team
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Fixed | pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4 | alpine | giflib | = 5.1.4-r0 | alpine-3.4 | x86_64 | |
Affected | pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4 | alpine | giflib | < 5.1.4-r0 | alpine-3.4 | x86_64 | |
Fixed | pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4 | alpine | giflib | = 5.1.4-r0 | alpine-3.4 | x86 | |
Affected | pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4 | alpine | giflib | < 5.1.4-r0 | alpine-3.4 | x86 | |
Fixed | pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4 | alpine | giflib | = 5.1.4-r0 | alpine-3.4 | armhf | |
Affected | pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4 | alpine | giflib | < 5.1.4-r0 | alpine-3.4 | armhf |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |