Vulnerability CVE-2023-46009: Information

Description

gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream at src/xform.c.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-46009
Published: Oct. 18, 2023
Modified: March 1, 2024
Error type identifier: CWE-697

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
gifsiclep101.93-alt11.95-alt2ALT-PU-2022-2491-2305279Fixed
gifsiclep91.92-alt11.92-alt1ALT-PU-2020-3169-2260570Fixed
gifsiclec10f11.93-alt11.93-alt1ALT-PU-2022-2491-2305279Fixed
gifsiclec9f21.93-alt11.93-alt1ALT-PU-2024-3605-4342233Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/kohler/gifsicle/issues/196
  • Exploit
  • Issue Tracking
  • Patch
  • Third Party Advisory
FEDORA-2024-5e50570506
    FEDORA-2024-4672c1ff2d

        1. Configuration 1

          cpe:2.3:a:lcdf:gifsicle:1.94:*:*:*:*:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.3
      Back to top