VDB
ALPINE-CVE-2022-28506
ALPINE-CVE-2022-28506
PUBLISHED
CVSS 5.5 MEDIUM
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.22 | giflib | 0, 5.2.1-r1, 5.2.1-r0 |
| Alpine:v3.18 | giflib | 4.1.6-r6, 4.1.6-r1, 4.1.6-r2 |
| Alpine:v3.19 | giflib | 5.2.1-r1, 5.2.1-r0, 5.1.9-r0 |
| Alpine:v3.21 | giflib | 5.0.4-r0, 0, 4.1.6-r0 |
| Alpine:v3.20 | giflib | 0, 5.2.1-r1, 4.1.6-r0 |
| Alpine:v3.23 | giflib | 4.1.6-r0, 0, 5.2.1-r1 |
| Alpine:v3.17 | giflib | 4.1.6-r0, 0, 5.2.1-r1 |
Timeline
- Apr 25, 2022 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch