CVE-2026-3707

Source
https://cve.org/CVERecord?id=CVE-2026-3707
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3707.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-3707
Published
2026-03-08T05:02:15.404Z
Modified
2026-07-15T16:00:31.894659Z
Severity
  • 1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
MrNanko webp4j gif_decoder.c DecodeGifFromMemory integer overflow
Details

A vulnerability was identified in MrNanko webp4j up to 1.3.x. The affected element is the function DecodeGifFromMemory of the file src/main/c/gifdecoder.c. Such manipulation of the argument canvasheight leads to integer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is 89771b201c66d15d29e4cc016d8aae82b6a5fbe1. It is advisable to implement a patch to correct this issue.

Database specific
{
    "cwe_ids": [
        "CWE-189",
        "CWE-190"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/3xxx/CVE-2026-3707.json",
    "cna_assigner": "VulDB",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "1.0"
                },
                {
                    "last_affected": "1.0"
                },
                {
                    "introduced": "1.1"
                },
                {
                    "last_affected": "1.1"
                },
                {
                    "introduced": "1.2"
                },
                {
                    "last_affected": "1.2"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ]
}
References

Affected packages

Git / github.com/mrnanko/webp4j

Affected ranges

Type
GIT
Repo
https://github.com/mrnanko/webp4j
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "1.3"
        },
        {
            "last_affected": "1.3"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ]
}

Affected versions

1.*
1.3
v1.*
v1.3.0
v1.3.1
v1.4.0
v2.*
v2.0.0
v2.1.0

Database specific

vanir_signatures
[
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "42668446530414014938816166552593643864",
            "length": 4104.0
        },
        "deprecated": false,
        "id": "CVE-2026-3707-04ddc3ac",
        "target": {
            "function": "DecodeGifFromMemory",
            "file": "src/main/c/gif_decoder.c"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "227948982794060938254518298605819358529",
            "length": 363.0
        },
        "deprecated": false,
        "id": "CVE-2026-3707-280da4db",
        "target": {
            "function": "normalizeArchitecture",
            "file": "src/main/java/dev/matrixlab/webp4j/internal/NativeLibraryLoader.java"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "188570849418308541548926808375914279532",
            "length": 142.0
        },
        "deprecated": false,
        "id": "CVE-2026-3707-71638b4b",
        "target": {
            "function": "CopyCanvas",
            "file": "src/main/c/gif_decoder.c"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "158508242893492129178145536851134571856",
            "length": 1159.0
        },
        "deprecated": false,
        "id": "CVE-2026-3707-7bae24e2",
        "target": {
            "function": "loadLibrary",
            "file": "src/main/java/dev/matrixlab/webp4j/internal/NativeLibraryLoader.java"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "106198690454698231076202098175294652199",
                "192527245316786544260147551488870778891",
                "136096154756812870125689452892739812891",
                "334267714788691926786539440264157009362",
                "1025933495338715107924628573225367975",
                "110792717938310482361330294522106541865",
                "109997788787214152966558607096792120391",
                "124849187971867056264068906539095900162",
                "89648940020955920104318862273799735240",
                "273845666751439692845276152021673256519",
                "158778727141320049609649334215327272218",
                "60300563069387853021349463355307115337",
                "150864708495582598224417437925875396343",
                "94805813205207501816124469381415655661",
                "317952007023857935541696059138388079564",
                "262979034962008285584708119311429555208",
                "56125373973218130269362266436100547849",
                "278307784930818331076305194211520872074",
                "252806368523490589886804600850849272852",
                "274418206198208305455597426271191213516",
                "120064232608047806589210741890627174704",
                "273607465626294802593432821102418166034",
                "150864708495582598224417437925875396343",
                "94805813205207501816124469381415655661",
                "317952007023857935541696059138388079564",
                "262979034962008285584708119311429555208",
                "56125373973218130269362266436100547849",
                "278307784930818331076305194211520872074"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-3707-a8c65910",
        "target": {
            "file": "src/main/c/gif_decoder.c"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "208754797056877622746327647649263757921",
                "109600497523256959754973286716062977676",
                "5644586150270252034169382084367440062",
                "100847207988383666965474142631062968799",
                "95092278483954945400982476180310313320",
                "329964101887342415006564091917590815583",
                "325023363606797553053555761102678027308",
                "62092307445720347380637447089850832535",
                "318626468290726914870541034624309364507",
                "262550149661610941308009083456228662283",
                "160914299178277232804233619890003780955",
                "217882878299209331658842558817725941951",
                "202129281971586960572398448102947248844"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-3707-b801100b",
        "target": {
            "file": "src/main/java/dev/matrixlab/webp4j/internal/NativeLibraryLoader.java"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "73824709701355064105577683088847427007",
            "length": 399.0
        },
        "deprecated": false,
        "id": "CVE-2026-3707-cccfeabe",
        "target": {
            "function": "ClearCanvas",
            "file": "src/main/c/gif_decoder.c"
        }
    },
    {
        "source": "https://github.com/mrnanko/webp4j/commit/89771b201c66d15d29e4cc016d8aae82b6a5fbe1",
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "102688856272025505960770107051843433760",
            "length": 1452.0
        },
        "deprecated": false,
        "id": "CVE-2026-3707-d25ec758",
        "target": {
            "function": "GetGifInfo",
            "file": "src/main/c/gif_decoder.c"
        }
    }
]
vanir_signatures_modified
"2026-07-15T16:00:31Z"
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3707.json"