Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gdkpixbuf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-48622
In GNOME GdkPixbuf (aka gdk-pixbuf) up to and including 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an malicious user to overwrite heap ...
Gnome Gdkpixbuf
NA
CVE-2021-46829
GNOME GdkPixbuf (aka GDK-PixBuf) prior to 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit...
Gnome Gdk-pixbuf
Fedoraproject Fedora 35
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2021-44648
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
Gnome Gdkpixbuf 2.42.6
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2020-29385
GNOME gdk-pixbuf (aka GdkPixbuf) prior to 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->cod...
Gnome Gdk-pixbuf
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.8
CVSSv2
CVE-2017-12447
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows malicious users to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.
Gnome Nautilus 3.14.3
Gnome Gdk-pixbuf 2.32.2
4.3
CVSSv2
CVE-2017-6312
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent malicious users to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
Gnome Gdk-pixbuf
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2005-3186
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows malicious users to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
Gnome Gdkpixbuf
Gtk Gtk\\+ 2.4.0
7.8
CVSSv2
CVE-2005-2975
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ prior to 2.8.7 allows malicious users to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Gnome Gdkpixbuf
Gnome Gtk
7.5
CVSSv2
CVE-2005-2976
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ prior to 2.8.7 allows malicious users to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
Gnome Gdkpixbuf 0.22
Gnome Gtk
5
CVSSv2
CVE-2004-0753
The BMP image processor for (1) gdk-pixbuf prior to 0.22 and (2) gtk2 prior to 2.2.4 allows remote malicious users to cause a denial of service (infinite loop) via a crafted BMP file.
Gnome Gdkpixbuf 0.22
Gnome Gdkpixbuf 0.18
Gnome Gdkpixbuf 0.17
Gnome Gdkpixbuf 0.20
Gnome Gtk
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »