rpm package

opensuse/eog&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/eog&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-6855	Hig	7.5	< 3.20.5-1.1	3.20.5-1.1	Sep 7, 2016	Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
CVE-2013-7447	Med	6.5	< 3.20.5-1.1	3.20.5-1.1	Feb 17, 2016	Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file,
CVE-2008-5978		—	< 40.3-1.2	40.3-1.2	Jan 27, 2009	Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.

CVE-2016-6855HigSep 7, 2016
affected < 3.20.5-1.1fixed 3.20.5-1.1
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
CVE-2013-7447MedFeb 17, 2016
affected < 3.20.5-1.1fixed 3.20.5-1.1
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file,
CVE-2008-5978Jan 27, 2009
affected < 40.3-1.2fixed 40.3-1.2
Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.