DSA-5228-1 gdk-pixbuf -- gdk-pixbufID: oval:org.secpod.oval:def:86412 | Date: (C)2023-01-02 (M)2023-08-16 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in gdk-pixbuf, the GDK Pixbuf library. CVE-2021-44648 Sahil Dhar reported a heap-based buffer overflow vulnerability when decoding the lzw compressed stream of image data, which may result in the execution of arbitrary code or denial of service if a malformed GIF image is processed. CVE-2021-46829 Pedro Ribeiro reported a heap-based buffer overflow vulnerability when compositing or clearing frames in GIF files, which may result in the execution of arbitrary code or denial of service if a malformed GIF image is processed.
Product: |
libgdk-pixbuf-2.0-dev |
gdk-pixbuf-tests |
libgdk-pixbuf2.0-common |
libgdk-pixbuf2.0-doc |
gir1.2-gdkpixbuf-2.0 |
libgdk-pixbuf2.0-0-udeb |
libgdk-pixbuf-2.0-0 |
libgdk-pixbuf2.0-bin |