Miniupnp_project Ngiflib
17 CVEs affecting Miniupnp_project Ngiflib. Latest disclosed: 2023-08-11. Critical: 2, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-11576 | Critical | 9.8 | 2018-05-31 | ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. |
CVE-2018-11575 | Critical | 9.8 | 2018-05-31 | ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. |
CVE-2021-36531 | High | 8.8 | 2021-08-27 | ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary. |
CVE-2021-36530 | High | 8.8 | 2021-08-27 | ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary. |
CVE-2019-20219 | High | 8.8 | 2020-01-02 | ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. |
CVE-2019-16347 | High | 8.8 | 2019-09-16 | ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandle… |
CVE-2019-16346 | High | 8.8 | 2019-09-16 | ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. |
CVE-2018-10717 | High | 8.8 | 2018-05-03 | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to caus… |
CVE-2018-10677 | High | 8.8 | 2018-05-02 | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial o… |
CVE-2019-19011 | High | 7.5 | 2019-11-17 | MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. |
CVE-2018-11657 | High | 7.5 | 2018-06-01 | ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. |
CVE-2022-30858 | Medium | 6.5 | 2023-07-17 | An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0 |
CVE-2018-11578 | Medium | 6.5 | 2018-05-31 | GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. |
CVE-2020-24221 | Medium | 5.5 | 2023-08-11 | An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (i… |
CVE-2023-39114 | Medium | 5.5 | 2023-08-02 | ngiflib commit 84a75 was discovered to contain a segmentation violation via the function SDL_LoadAnimatedGif at ngiflibSDL.c. This vulnerability is triggered w… |
CVE-2023-39113 | Medium | 5.5 | 2023-08-02 | ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. This vulnerability is triggered when running the… |
CVE-2023-37748 | Medium | 5.5 | 2023-07-19 | ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c. |