Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/giflib@5.1.9-2
purl pkg:deb/debian/giflib@5.1.9-2
Next non-vulnerable version 5.2.2-1
Latest non-vulnerable version 5.2.2-1
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-276w-96xc-5be1
Aliases:
CVE-2021-40633
gif2rgb: gif2rgb memory leak
5.2.2-1
Affected by 0 other vulnerabilities.
VCID-c3n5-vvnd-3uc8
Aliases:
CVE-2023-48161
Out-of-bounds Write Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c
5.2.2-1
Affected by 0 other vulnerabilities.
VCID-dv4g-b5vw-huf4
Aliases:
CVE-2022-28506
Out-of-bounds Write There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
5.2.2-1
Affected by 0 other vulnerabilities.
VCID-nz8n-htdu-k7gw
Aliases:
CVE-2020-23922
giflib: out-of-bounds read in DumpScreen2RGB() in gif2rgb.c in gif2rgb tool
5.2.2-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-9vjz-q2h7-xueb giflib: heap-based buffer overflow in DGifDecompressLine function in dgif_lib.c CVE-2018-11490
VCID-p33t-h9n1-h3ck giflib: divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c CVE-2019-15133

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:04:44.162472+00:00 Debian Importer Affected by VCID-nz8n-htdu-k7gw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:48:54.833231+00:00 Debian Importer Affected by VCID-dv4g-b5vw-huf4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:42:38.784648+00:00 Debian Importer Affected by VCID-276w-96xc-5be1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:44:35.699982+00:00 Debian Importer Affected by VCID-c3n5-vvnd-3uc8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-15T21:58:04.917063+00:00 Debian Oval Importer Fixing VCID-9vjz-q2h7-xueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:10:30.056926+00:00 Debian Oval Importer Fixing VCID-p33t-h9n1-h3ck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T08:59:33.144335+00:00 Debian Importer Affected by VCID-nz8n-htdu-k7gw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:03:39.233867+00:00 Debian Importer Affected by VCID-dv4g-b5vw-huf4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:58:52.575499+00:00 Debian Importer Affected by VCID-276w-96xc-5be1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:15:53.731043+00:00 Debian Importer Affected by VCID-c3n5-vvnd-3uc8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T21:36:21.406623+00:00 Debian Oval Importer Fixing VCID-9vjz-q2h7-xueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:52:12.964769+00:00 Debian Oval Importer Fixing VCID-p33t-h9n1-h3ck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T21:14:29.251034+00:00 Debian Oval Importer Fixing VCID-9vjz-q2h7-xueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:59:00.615568+00:00 Debian Importer Affected by VCID-nz8n-htdu-k7gw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T19:34:29.410905+00:00 Debian Oval Importer Fixing VCID-p33t-h9n1-h3ck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:22:04.702067+00:00 Debian Importer Affected by VCID-dv4g-b5vw-huf4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T19:19:02.648182+00:00 Debian Importer Affected by VCID-276w-96xc-5be1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T18:49:47.946329+00:00 Debian Importer Affected by VCID-c3n5-vvnd-3uc8 https://security-tracker.debian.org/tracker/data/json 38.1.0