rpm package
suse/gdk-pixbuf&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
pkg:rpm/suse/gdk-pixbuf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48622 | — | < 2.40.0-150200.3.12.1 | 2.40.0-150200.3.12.1 | Jan 26, 2024 | In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading | ||
| CVE-2021-44648 | — | < 2.40.0-150200.3.9.1 | 2.40.0-150200.3.9.1 | Jan 12, 2022 | GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. |
- CVE-2022-48622Jan 26, 2024affected < 2.40.0-150200.3.12.1fixed 2.40.0-150200.3.12.1
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading
- CVE-2021-44648Jan 12, 2022affected < 2.40.0-150200.3.9.1fixed 2.40.0-150200.3.9.1
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.