High severity8.8OSV Advisory· Published May 3, 2018· Updated Jun 17, 2026
CVE-2018-10717
CVE-2018-10717
Description
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20.1, 0.2, 0.4+ 1 more
- (no CPE)range: 0.1, 0.2, 0.4
- (no CPE)range: =0.4
Patches
Vulnerability mechanics
References
2- github.com/miniupnp/ngiflib/commit/cf429e0a2fe26b5f01ce0c8e9b79432e94509b6envdPatch
- github.com/miniupnp/ngiflib/issues/3nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.