VDB

CVE-2022-1507

CVE-2022-1507 PUBLISHED CVSS 5.5 MEDIUM

chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.

EPSS 0.32% · 55.0th percentile

Risk Scores

CVSS 3.0
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.32%
55.0th percentile

Affected Products

VendorProductVersions
fedoraprojectfedora34, 35, 36
hpjanssonhpjansson/chafa*
chafa_projectchafa0

Timeline

  • Apr 27, 2022 CVE Published
  • Apr 28, 2022 EPSS Score
  • Jun 17, 2022 EPSS Score
  • Aug 6, 2022 EPSS Score
  • Sep 25, 2022 EPSS Score
  • Nov 14, 2022 EPSS Score
  • Jan 3, 2023 EPSS Score
  • Feb 21, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 12, 2023 EPSS Score
  • Jun 1, 2023 EPSS Score
  • Jul 21, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›