CVE-2021-36531

Name of the Vulnerable Software and Affected Versions ngiflib version 0.4

Description The issue is related to a heap overflow in the GetByte() function at ngiflib.c:70 when operating in NGIFLIB NO FILE mode. This occurs because GetByte() reads from a memory buffer without properly checking its boundaries.

Recommendations For ngiflib version 0.4, consider applying a patch or fix that properly bounds the memory buffer read by the GetByte() function to prevent the heap overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.