{"id":"CVE-2018-10677","details":"The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file.","modified":"2026-04-11T06:58:35.510490Z","published":"2018-05-02T19:29:00.230Z","references":[{"type":"FIX","url":"https://github.com/miniupnp/ngiflib/commit/b588a2249c7abbfc52173e32ee11d6facef82f89"},{"type":"EVIDENCE","url":"https://github.com/miniupnp/ngiflib/issues/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/miniupnp/ngiflib","events":[{"introduced":"0"},{"last_affected":"cc64f7cc8fc20a945f2abd2ca771e8611f7e4128"},{"fixed":"b588a2249c7abbfc52173e32ee11d6facef82f89"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.4"}]}}],"versions":["0.1","0.2","0.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10677.json","vanir_signatures_modified":"2026-04-11T06:58:35Z","vanir_signatures":[{"digest":{"function_hash":"33508924308025978341435952235190963960","length":5096},"source":"https://github.com/miniupnp/ngiflib/commit/b588a2249c7abbfc52173e32ee11d6facef82f89","signature_version":"v1","target":{"file":"ngiflib.c","function":"DecodeGifImg"},"deprecated":false,"signature_type":"Function","id":"CVE-2018-10677-2ca45ac9"},{"digest":{"line_hashes":["198165980739250519361350111986338815638","264020577666351890927509109311843218964","205485030750798813326074664223607360255"],"threshold":0.9},"source":"https://github.com/miniupnp/ngiflib/commit/b588a2249c7abbfc52173e32ee11d6facef82f89","signature_version":"v1","target":{"file":"ngiflib.c"},"deprecated":false,"signature_type":"Line","id":"CVE-2018-10677-c1ba829a"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}