giflib

A subtle memory-management bug in a widely used GIF library has been assigned CVE-2026-23868, forcing a fresh round of supply-chain triage for Linux distributions, imaging toolchains, and any service that ingests untrusted GIF files. The vulnerability is a double-free in giflib's image-saving...

A heap-buffer-overflow in giflib’s gif2rgb utility (DumpScreen2RGB in gif2rgb.c) was assigned CVE‑2022‑28506: the bug was reported in giflib 5.2.1 and fixed upstream in later maintenance releases, and Microsoft’s MSRC advisory has mapped the issue to Azure Linux — but that mapping is a...

A heap‑based buffer overflow in the widely used giflib library — tracked as CVE‑2025‑31344 — has been publicly disclosed and fixed upstream after reports that the gif2rgb utility can be made to write past an allocated heap buffer when presented with a specially crafted GIF, creating crash and...