Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gdkpixbuf vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-44648
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
Gnome Gdkpixbuf 2.42.6
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-48622
In GNOME GdkPixbuf (aka gdk-pixbuf) up to and including 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an malicious user to overwrite heap ...
Gnome Gdkpixbuf
7.8
CVSSv3
CVE-2021-46829
GNOME GdkPixbuf (aka GDK-PixBuf) prior to 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit...
Gnome Gdk-pixbuf
Fedoraproject Fedora 35
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2017-12447
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows malicious users to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.
Gnome Gdk-pixbuf 2.32.2
Gnome Nautilus 3.14.3
5.5
CVSSv3
CVE-2020-29385
GNOME gdk-pixbuf (aka GdkPixbuf) prior to 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->cod...
Gnome Gdk-pixbuf
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2017-6312
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent malicious users to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
Gnome Gdk-pixbuf
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
NA
CVE-2005-3186
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows malicious users to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
Gnome Gdkpixbuf
Gtk Gtk+ 2.4.0
NA
CVE-2005-2975
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ prior to 2.8.7 allows malicious users to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Gnome Gdkpixbuf
Gnome Gtk
NA
CVE-2005-2976
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ prior to 2.8.7 allows malicious users to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
Gnome Gdkpixbuf 0.22
Gnome Gtk
NA
CVE-2004-0783
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and previous versions, and gdk-pixbuf prior to 0.22, may allow remote malicious users to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for...
Gnome Gdkpixbuf 0.22
Gnome Gdkpixbuf 0.18
Gnome Gdkpixbuf 0.17
Gnome Gdkpixbuf 0.20
Gnome Gtk 2.0.2
Gnome Gtk 2.0.6
Gnome Gtk 2.2.1
Gnome Gtk 2.2.3
Gnome Gtk 2.2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »