Every CVE whose affected-product data names Gnome Gdk-pixbuf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2011-2897 — CVSS 9.8 (critical): gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
CVE-2017-1000422 — CVSS 8.8 (high): Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and…
CVE-2021-20240 — CVSS 8.8 (high): A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted…
CVE-2017-12447 — CVSS 7.8 (high): GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of…
CVE-2017-2870 — CVSS 7.8 (high): An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A…
CVE-2017-2862 — CVSS 7.8 (high): An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A…
CVE-2015-8875 — CVSS 7.8 (high): Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in…
CVE-2021-46829 — CVSS 7.8 (high): GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as…
CVE-2026-5201 — CVSS 7.5 (high): A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper…
CVE-2016-6352 — CVSS 7.5 (high): The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write…
CVE-2017-6311 — CVSS 7.5 (high): gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and…
CVE-2017-6313 — CVSS 7.1 (high): Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service…
CVE-2015-7673 — CVSS 6.8 (medium): io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of…
CVE-2015-4491 — CVSS 6.8 (medium): Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0…
CVE-2015-7674 — CVSS 6.8 (medium): Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a…
CVE-2017-6314 — CVSS 5.5 (medium): The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite…
CVE-2020-29385 — CVSS 5.5 (medium): GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if…
CVE-2017-6312 — CVSS 5.5 (medium): Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and…
CVE-2012-2370 — CVSS 5.0 (medium): Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a…
CVE-2011-2485 — CVSS 4.3 (medium): The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values…