Infinite Loop Vulnerability in MiniUPnP ngiflib by MiniUPnP
CVE-2018-11657

7.5HIGH

Key Information:

Vendor: Miniupnp Project
Status: Ngiflib
Vendor: CVE Published:; 1 June 2018

🔔 Create Miniupnp Project Vulnerability Alert

What is CVE-2018-11657?

The MiniUPnP ngiflib version 0.4 contains a vulnerability in the ngiflib.c file, specifically in the DecodeGifImg and LoadGif functions, which allows for an infinite loop to occur. This could potentially cause service disruptions and affect the performance of applications relying on this library. It is crucial for developers using ngiflib to assess their systems and apply necessary patches to mitigate this risk.

References

https://github.com/miniupnp/ngiflib/issues/7

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 1, 2018

CVE-2018-11657 Data

JSON