Your submission was sent successfully! Close


Published: 28 December 2021

An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written.



CVSS 3 base score: 7.8


Package Release Status
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)