[ALPINE:CVE-2016-3977] giflib vulnerability

Severity Medium

Affected Packages 3

Fixed Packages 3

CVEs 1

[From CVE-2016-3977] Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

Package	Affected Version
pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4	< 5.1.4-r0
pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4	< 5.1.4-r0
pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4	< 5.1.4-r0

Package	Fixed Version
pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4	= 5.1.4-r0
pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4	= 5.1.4-r0
pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4	= 5.1.4-r0

ID

ALPINE:CVE-2016-3977

Severity

medium

URL

https://security.alpinelinux.org/vuln/CVE-2016-3977

Published

2016-04-21T14:59:02
(8 years ago)

Modified

2016-04-21T14:59:02
(8 years ago)

Rights

Alpine Linux Security Team

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Fixed	pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4	alpine	giflib	= 5.1.4-r0	alpine-3.4	x86_64
Affected	pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-3.4	alpine	giflib	< 5.1.4-r0	alpine-3.4	x86_64
Fixed	pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4	alpine	giflib	= 5.1.4-r0	alpine-3.4	x86
Affected	pkg:apk/alpine/giflib?arch=x86&distro=alpine-3.4	alpine	giflib	< 5.1.4-r0	alpine-3.4	x86
Fixed	pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4	alpine	giflib	= 5.1.4-r0	alpine-3.4	armhf
Affected	pkg:apk/alpine/giflib?arch=armhf&distro=alpine-3.4	alpine	giflib	< 5.1.4-r0	alpine-3.4	armhf

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date