Dileep Kumar Jallepalli

**Name of the Vulnerable Software and Affected Versions** apng2gif version 1.7 **Description** An issue was discovered related to an integer overflow, resulting in a heap-based buffer over-read. This issue is connected to the `load apng` function and the `imagesize` variable. **Recommendations** For apng2gif version 1.7, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** apng2gif version 1.7 **Description** An issue was discovered where improper sanitization of user input leads to huge memory allocations, causing a crash. This issue is related to the `read chunk` function using the `pChunk->size` value within the PNG file to determine the amount of memory to allocate. **Recommendations** For apng2gif version 1.7, consider restricting the input to prevent huge memory allocations until a patch is available. As a temporary workaround, limiting the `pChunk->size` value used by the `read chunk` function could help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** apng2gif version 1.7 **Description** An issue was discovered related to an integer overflow, resulting in a heap-based buffer overflow. This issue is connected to the `read chunk` function, which performs an unchecked addition of 12. **Recommendations** For apng2gif version 1.7, consider applying a patch or fix that checks for integer overflows in the `read chunk` function to prevent heap-based buffer overflows. As a temporary workaround, restrict the use of the `read chunk` function until a patch is available.