GNOME GDK-PixBuf 2.42.0

CPE Details

GNOME GDK-PixBuf 2.42.0
gnome
gdk-pixbuf
2.42.0
2020-12-29
14h07 +00:00
2020-12-29
14h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnome:gdk-pixbuf:2.42.0:*:*:*:*:*:*:*

Informations

Vendor

gnome

Product

gdk-pixbuf

Version

2.42.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-46829 2022-07-24 16h47 +00:00 GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
7.8
High
CVE-2020-29385 2020-12-26 01h01 +00:00 GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->code_table[11].extends to c, which will give the value of 10. This will make the loop run infinitely. This bug can, for example, be triggered by calling this function with a GIF image with LZW compression that is crafted in a special way.
5.5
Medium