CVE-2026-8454

Name of the Vulnerable Software and Affected Versions Imager::File::GIF versions prior to 1.003

Description Imager::File::GIF for Perl allows a heap out of bounds (OOB) write when processing crafted multi-frame GIF files. This occurs because the i readgif multi low() function allocates a single per-row buffer GifRow based on the global screen width SWidth and reuses it for every image in the file. While the page-match branch validates if Image.Width + Image.Left exceeds SWidth before writing, the parallel skip-image branch calls DGifGetLine(GifFile, GifRow, Width) without performing this check.

Recommendations Update to a version later than 1.002.