CVE-2026-4985

A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgif_addframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier of the patch is b0ba830093f4317a5d1f345715d2fa3cd2dab474. It is suggested to install a patch to address this issue.

CVSS v3 4.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/dloebl/cgif/
https://github.com/dloebl/cgif/commit/b0ba830093f4317a5d1f345715d2fa3cd2dab474
https://github.com/dloebl/cgif/issues/110
https://github.com/dloebl/cgif/pull/112
https://vuldb.com/?ctiid.353874
https://vuldb.com/?id.353874
https://vuldb.com/?submit.778278

Configurations

No configuration.

History

27 Mar 2026, 23:17

Type	Values Removed	Values Added
Summary	(en) A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgif_addframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier of the patch is b0ba830093f4317a5d1f345715d2fa3cd2dab474. It is suggested to install a patch to address this issue. VulDB is the best source for vulnerability data and more expert information about this specific topic.	(en) A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgif_addframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier of the patch is b0ba830093f4317a5d1f345715d2fa3cd2dab474. It is suggested to install a patch to address this issue.

27 Mar 2026, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-27 22:16

Updated : 2026-04-24 16:36

NVD link : CVE-2026-4985

Mitre link : CVE-2026-4985

CVE.ORG link : CVE-2026-4985

JSON object : View

Products Affected

No product.

CWE

CWE-189

Numeric Errors

CWE-190

Integer Overflow or Wraparound

4.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2026-4985

4.3^/10

5.0^/10

Attach tags to `CVE-2026-4985`