ALT-PU-2023-7005-2
Closed vulnerabilities
Published: 2023-10-01
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-43907
OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- http://optipng.sourceforge.net/
- http://optipng.sourceforge.net/
- https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/optipng-global-buffer-overflow1/optipng-global-buffer-overflow1.md
- https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/optipng-global-buffer-overflow1/optipng-global-buffer-overflow1.md
- FEDORA-2023-f3389245ce
- FEDORA-2023-f3389245ce
- FEDORA-2023-ae05c3bca8
- FEDORA-2023-ae05c3bca8
- FEDORA-2023-125037736c
- FEDORA-2023-125037736c
- https://sourceforge.net/projects/optipng/files/OptiPNG/optipng-0.7.7/optipng-0.7.7.tar.gz/download?use_mirror=udomain&download=
- https://sourceforge.net/projects/optipng/files/OptiPNG/optipng-0.7.7/optipng-0.7.7.tar.gz/download?use_mirror=udomain&download=