GNOME GdkPixbu 2.42.6

CPE Details

GNOME GdkPixbu 2.42.6
gnome
gdkpixbuf
2.42.6
2023-09-25
11h16 +00:00
2023-09-25
11h16 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:gnome:gdkpixbuf:2.42.6:*:*:*:*:*:*:*

Informations

Vendor

gnome

Product

gdkpixbuf

Version

2.42.6

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-48622 2024-01-25 23h00 +00:00 In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.
7.8
Haute
CVE-2021-44648 2022-01-12 11h31 +00:00 GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
8.8
Haute
CVE-2005-2975 2005-11-18 10h00 +00:00 io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
7.8
CVE-2005-3186 2005-11-18 10h00 +00:00 Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
7.5