Divide By Zero Affecting giflib package, versions *
Snyk CVSS
Attack Complexity
Low
User Interaction
Required
Availability
High
Threat Intelligence
EPSS
0.12% (47th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN9-GIFLIB-459716
- published 18 Aug 2019
- disclosed 17 Aug 2019
Introduced: 17 Aug 2019
CVE-2019-15133 Open this link in a new tabHow to fix?
There is no fixed version for Debian:9 giflib.
NVD Description
Note: Versions mentioned in the description apply only to the upstream giflib package and not the giflib package as distributed by Debian.
See How to fix? for Debian:9 relevant fixed versions and status.
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.