CVE-2026-4985

EUVD-2026-16894

27.03.2026, 22:16

A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgif_addframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier of the patch is b0ba830093f4317a5d1f345715d2fa3cd2dab474. It is suggested to install a patch to address this issue. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
VulDB	CNA	4.3 MEDIUM				CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-189 -

References

https://github.com/dloebl/cgif/

https://github.com/dloebl/cgif/commit/b0ba830093f4317a5d1f345715d2fa3cd2dab474

https://github.com/dloebl/cgif/issues/110

https://github.com/dloebl/cgif/pull/112

https://vuldb.com/?ctiid.353874

https://vuldb.com/?id.353874

https://vuldb.com/?submit.778278