Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

Type deb

Namespace debian

Name gdk-pixbuf

Version 2.42.2+dfsg-1+deb11u2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.42.10+dfsg-1+deb12u4

Latest_non_vulnerable_version 2.44.6+dfsg-2

Affected_by_vulnerabilities

url VCID-jzz2-x2gk-8kf1

vulnerability_id VCID-jzz2-x2gk-8kf1

summary gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7345.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7345.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-7345

reference_id

reference_type

scores

value	0.00375
scoring_system	epss
scoring_elements	0.59087
published_at	2026-04-02T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61753
published_at	2026-04-08T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61768
published_at	2026-04-09T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61777
published_at	2026-04-12T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61789
published_at	2026-04-11T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61788
published_at	2026-04-21T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61806
published_at	2026-04-18T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61801
published_at	2026-04-16T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61758
published_at	2026-04-13T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61733
published_at	2026-04-04T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61704
published_at	2026-04-07T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63775
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-7345

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7345
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7345

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109262
reference_id	1109262
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109262

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2377063

reference_id

2377063

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2377063

reference_url

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249

reference_id

249

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
reference_id	cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-7345

reference_id

CVE-2025-7345

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/security/cve/CVE-2025-7345

reference_url

https://access.redhat.com/errata/RHSA-2025:12841

reference_id

RHSA-2025:12841

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:12841

reference_url

https://access.redhat.com/errata/RHSA-2025:12862

reference_id

RHSA-2025:12862

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:12862

reference_url

https://access.redhat.com/errata/RHSA-2025:13315

reference_id

RHSA-2025:13315

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:13315

reference_url

https://access.redhat.com/errata/RHSA-2025:14574

reference_id

RHSA-2025:14574

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14574

reference_url

https://access.redhat.com/errata/RHSA-2025:14575

reference_id

RHSA-2025:14575

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14575

reference_url

https://access.redhat.com/errata/RHSA-2025:14576

reference_id

RHSA-2025:14576

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14576

reference_url

https://access.redhat.com/errata/RHSA-2025:14585

reference_id

RHSA-2025:14585

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14585

reference_url

https://access.redhat.com/errata/RHSA-2025:14618

reference_id

RHSA-2025:14618

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14618

reference_url

https://access.redhat.com/errata/RHSA-2025:14646

reference_id

RHSA-2025:14646

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14646

reference_url

https://access.redhat.com/errata/RHSA-2025:14647

reference_id

RHSA-2025:14647

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14647

reference_url

https://access.redhat.com/errata/RHSA-2025:14683

reference_id

RHSA-2025:14683

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/

url

https://access.redhat.com/errata/RHSA-2025:14683

reference_url	https://usn.ubuntu.com/7662-1/
reference_id	USN-7662-1
reference_type
scores
url	https://usn.ubuntu.com/7662-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3

purl pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u3

aliases CVE-2025-7345

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzz2-x2gk-8kf1

url VCID-xg3j-c698-3kgu

vulnerability_id VCID-xg3j-c698-3kgu

summary gdk-pixbuf: Uninitialized Memory Disclosure in GdkPixbuf GIF LZW Decoder

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6199.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-6199

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06633
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0655
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06599
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06582
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06675
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06676
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06669
published_at	2026-04-12T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24378
published_at	2026-04-16T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24368
published_at	2026-04-18T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24361
published_at	2026-04-13T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.279
published_at	2026-04-21T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27813
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-6199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6199

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107994
reference_id	1107994
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107994

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2373147

reference_id

2373147

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:43:00Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2373147

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-6199

reference_id

CVE-2025-6199

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:43:00Z/

url

https://access.redhat.com/security/cve/CVE-2025-6199

reference_url	https://usn.ubuntu.com/7662-1/
reference_id	USN-7662-1
reference_type
scores
url	https://usn.ubuntu.com/7662-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3

purl pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u3

aliases CVE-2025-6199

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xg3j-c698-3kgu

url VCID-xg6z-9vh5-pbd6

vulnerability_id VCID-xg6z-9vh5-pbd6

summary gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5201.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5201.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-5201

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.1222
published_at	2026-04-24T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12242
published_at	2026-04-21T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25544
published_at	2026-04-04T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25506
published_at	2026-04-02T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30711
published_at	2026-04-09T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30621
published_at	2026-04-07T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30679
published_at	2026-04-08T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30715
published_at	2026-04-11T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30669
published_at	2026-04-12T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30625
published_at	2026-04-13T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32436
published_at	2026-04-16T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32414
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-5201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5201

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132501
reference_id	1132501
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132501

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2453291

reference_id

2453291

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2453291

reference_url

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304

reference_id

304

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/

url

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2026-5201

reference_id

CVE-2026-5201

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/

url

https://access.redhat.com/security/cve/CVE-2026-5201

reference_url	https://usn.ubuntu.com/8156-1/
reference_id	USN-8156-1
reference_type
scores
url	https://usn.ubuntu.com/8156-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3

purl pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u3

url	pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u4
purl	pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u4

url	pkg:deb/debian/gdk-pixbuf@2.42.12%2Bdfsg-4%2Bdeb13u1
purl	pkg:deb/debian/gdk-pixbuf@2.42.12%2Bdfsg-4%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.12%252Bdfsg-4%252Bdeb13u1

url	pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-1
purl	pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-1

url	pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-2
purl	pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-2

aliases CVE-2026-5201

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xg6z-9vh5-pbd6

Fixing_vulnerabilities

url VCID-2a49-ryer-vkhd

vulnerability_id VCID-2a49-ryer-vkhd

summary

Out-of-bounds Write
GNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals `12`

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44648.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44648.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-44648

reference_id

reference_type

scores

value	0.00153
scoring_system	epss
scoring_elements	0.35934
published_at	2026-04-01T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36125
published_at	2026-04-02T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36155
published_at	2026-04-04T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3599
published_at	2026-04-07T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3604
published_at	2026-04-08T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36062
published_at	2026-04-09T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36069
published_at	2026-04-11T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3603
published_at	2026-04-18T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36004
published_at	2026-04-13T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36044
published_at	2026-04-16T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.35978
published_at	2026-04-21T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3575
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-44648

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136
reference_id
reference_type
scores
url	https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136

reference_url	https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/
reference_id
reference_type
scores
url	https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014600
reference_id	1014600
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014600

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2043722
reference_id	2043722
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2043722

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-44648
reference_id	CVE-2021-44648
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-44648

reference_url	https://access.redhat.com/errata/RHSA-2023:2216
reference_id	RHSA-2023:2216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2216

reference_url	https://usn.ubuntu.com/5607-1/
reference_id	USN-5607-1
reference_type
scores
url	https://usn.ubuntu.com/5607-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

purl pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jzz2-x2gk-8kf1

vulnerability	VCID-xg3j-c698-3kgu

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2

aliases CVE-2021-44648

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2a49-ryer-vkhd

url VCID-4zm2-zv71-jfat

vulnerability_id VCID-4zm2-zv71-jfat

summary

A vulnerability in GDK-PixBuf library could lead to a Denial of
    Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29385.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29385.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-29385

reference_id

reference_type

scores

value	0.00634
scoring_system	epss
scoring_elements	0.70315
published_at	2026-04-01T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.7046
published_at	2026-04-24T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70419
published_at	2026-04-16T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70428
published_at	2026-04-18T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70409
published_at	2026-04-21T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70328
published_at	2026-04-02T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70345
published_at	2026-04-04T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70322
published_at	2026-04-07T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70367
published_at	2026-04-08T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70382
published_at	2026-04-09T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70406
published_at	2026-04-11T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70391
published_at	2026-04-12T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70377
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-29385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29385

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1927237
reference_id	1927237
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1927237

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166
reference_id	977166
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166

reference_url	https://security.archlinux.org/ASA-202012-19
reference_id	ASA-202012-19
reference_type
scores
url	https://security.archlinux.org/ASA-202012-19

reference_url	https://security.archlinux.org/ASA-202012-20
reference_id	ASA-202012-20
reference_type
scores
url	https://security.archlinux.org/ASA-202012-20

reference_url

https://security.archlinux.org/AVG-1328

reference_id

AVG-1328

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1328

reference_url

https://security.archlinux.org/AVG-1329

reference_id

AVG-1329

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1329

reference_url	https://security.gentoo.org/glsa/202012-15
reference_id	GLSA-202012-15
reference_type
scores
url	https://security.gentoo.org/glsa/202012-15

reference_url	https://usn.ubuntu.com/4663-1/
reference_id	USN-4663-1
reference_type
scores
url	https://usn.ubuntu.com/4663-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

purl pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jzz2-x2gk-8kf1

vulnerability	VCID-xg3j-c698-3kgu

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2

aliases CVE-2020-29385

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zm2-zv71-jfat

url VCID-juwv-p63q-8ffy

vulnerability_id VCID-juwv-p63q-8ffy

summary gdk-pixbuf: heap-based buffer overflow when compositing or clearing frames in GIF files

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46829.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46829.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-46829

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.62096
published_at	2026-04-01T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62256
published_at	2026-04-24T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62262
published_at	2026-04-18T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62246
published_at	2026-04-21T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62157
published_at	2026-04-02T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62187
published_at	2026-04-04T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62155
published_at	2026-04-07T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62205
published_at	2026-04-08T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62223
published_at	2026-04-09T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62241
published_at	2026-04-11T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.6223
published_at	2026-04-12T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62209
published_at	2026-04-13T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62255
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-46829

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2114940
reference_id	2114940
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2114940

reference_url

https://security.archlinux.org/AVG-2786

reference_id

AVG-2786

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2786

reference_url	https://access.redhat.com/errata/RHSA-2023:2216
reference_id	RHSA-2023:2216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2216

reference_url	https://usn.ubuntu.com/5554-1/
reference_id	USN-5554-1
reference_type
scores
url	https://usn.ubuntu.com/5554-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

purl pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jzz2-x2gk-8kf1

vulnerability	VCID-xg3j-c698-3kgu

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2

aliases CVE-2021-46829

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-juwv-p63q-8ffy

url VCID-pf79-yf2z-syem

vulnerability_id VCID-pf79-yf2z-syem

summary

Out-of-bounds Write
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48622.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48622.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48622

reference_id

reference_type

scores

value	0.00077
scoring_system	epss
scoring_elements	0.23131
published_at	2026-04-02T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22819
published_at	2026-04-24T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23031
published_at	2026-04-16T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23022
published_at	2026-04-18T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22984
published_at	2026-04-21T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23175
published_at	2026-04-04T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22965
published_at	2026-04-07T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23039
published_at	2026-04-08T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23092
published_at	2026-04-09T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23111
published_at	2026-04-11T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23075
published_at	2026-04-12T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23018
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48622

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-26T19:23:51Z/

url

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071265
reference_id	1071265
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071265

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2260545
reference_id	2260545
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2260545

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-48622
reference_id	CVE-2022-48622
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-48622

reference_url	https://access.redhat.com/errata/RHSA-2024:3341
reference_id	RHSA-2024:3341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3341

reference_url	https://access.redhat.com/errata/RHSA-2024:3834
reference_id	RHSA-2024:3834
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3834

reference_url	https://usn.ubuntu.com/6806-1/
reference_id	USN-6806-1
reference_type
scores
url	https://usn.ubuntu.com/6806-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

purl pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jzz2-x2gk-8kf1

vulnerability	VCID-xg3j-c698-3kgu

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2

aliases CVE-2022-48622

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pf79-yf2z-syem

url VCID-vcfh-3p9e-4uc3

vulnerability_id VCID-vcfh-3p9e-4uc3

summary gdk-pixbuf: integer wraparound in the GIF loader of gdk-pixbuf via crafted input leads to segmentation fault

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20240.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20240.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20240

reference_id

reference_type

scores

value	0.00794
scoring_system	epss
scoring_elements	0.73884
published_at	2026-04-01T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73894
published_at	2026-04-02T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73918
published_at	2026-04-04T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73889
published_at	2026-04-07T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73924
published_at	2026-04-08T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73937
published_at	2026-04-09T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73959
published_at	2026-04-11T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73941
published_at	2026-04-12T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73933
published_at	2026-04-13T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73974
published_at	2026-04-16T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73983
published_at	2026-04-18T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.73975
published_at	2026-04-21T12:55:00Z

value	0.00794
scoring_system	epss
scoring_elements	0.74008
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20240

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20240
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20240

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1926787
reference_id	1926787
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1926787

reference_url	https://usn.ubuntu.com/4743-1/
reference_id	USN-4743-1
reference_type
scores
url	https://usn.ubuntu.com/4743-1/

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

purl pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jzz2-x2gk-8kf1

vulnerability	VCID-xg3j-c698-3kgu

vulnerability	VCID-xg6z-9vh5-pbd6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2

aliases CVE-2021-20240

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vcfh-3p9e-4uc3

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2

Package Instance