High severity7.5NVD Advisory· Published Jul 8, 2025· Updated Apr 15, 2026
CVE-2025-7345
CVE-2025-7345
Description
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- access.redhat.com/errata/RHSA-2025:12841nvd
- access.redhat.com/errata/RHSA-2025:12862nvd
- access.redhat.com/errata/RHSA-2025:13315nvd
- access.redhat.com/errata/RHSA-2025:14574nvd
- access.redhat.com/errata/RHSA-2025:14575nvd
- access.redhat.com/errata/RHSA-2025:14576nvd
- access.redhat.com/errata/RHSA-2025:14585nvd
- access.redhat.com/errata/RHSA-2025:14618nvd
- access.redhat.com/errata/RHSA-2025:14646nvd
- access.redhat.com/errata/RHSA-2025:14647nvd
- access.redhat.com/errata/RHSA-2025:14683nvd
- access.redhat.com/security/cve/CVE-2025-7345nvd
- bugzilla.redhat.com/show_bug.cginvd
- gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249nvd
- lists.debian.org/debian-lts-announce/2025/10/msg00024.htmlnvd
News mentions
0No linked articles in our index yet.