Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/gdk-pixbuf@2.31.1-2

Type deb

Namespace debian

Name gdk-pixbuf

Version 2.31.1-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.36.5-2+deb9u2

Latest_non_vulnerable_version 2.36.5-2+deb9u2

Affected_by_vulnerabilities

url VCID-an9r-h7w3-s3c5

vulnerability_id VCID-an9r-h7w3-s3c5

summary arbitrary code execution

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352

reference_url	https://security.archlinux.org/ASA-201610-9
reference_id	ASA-201610-9
reference_type
scores
url	https://security.archlinux.org/ASA-201610-9

reference_url	https://security.archlinux.org/ASA-201611-12
reference_id	ASA-201611-12
reference_type
scores
url	https://security.archlinux.org/ASA-201611-12

reference_url

https://security.archlinux.org/AVG-1

reference_id

AVG-1

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1

reference_url

https://security.archlinux.org/AVG-2

reference_id

AVG-2

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2

fixed_packages

url	pkg:deb/debian/gdk-pixbuf@2.36.5-2%2Bdeb9u2
purl	pkg:deb/debian/gdk-pixbuf@2.36.5-2%2Bdeb9u2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.36.5-2%252Bdeb9u2

aliases CVE-2016-6352

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-an9r-h7w3-s3c5

url VCID-qtnf-u4kt-ybav

vulnerability_id VCID-qtnf-u4kt-ybav

summary

Security researcher Gustavo Grieco reported a heap overflow
in gdk-pixbuf affecting Linux systems using Gnome. This issue is
triggered by the scaling of a malformed bitmap format image and results in a
potentially exploitable crash.
This issue only affects Linux systems running Gnome. Windows and
OS X operating systems are unaffected.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
reference_id	CVE-2015-4491
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-88

reference_id

mfsa2015-88

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-88

fixed_packages

url pkg:deb/debian/gdk-pixbuf@2.31.1-2%2Bdeb8u7

purl pkg:deb/debian/gdk-pixbuf@2.31.1-2%2Bdeb8u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an9r-h7w3-s3c5

vulnerability	VCID-qtnf-u4kt-ybav

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.31.1-2%252Bdeb8u7

url	pkg:deb/debian/gdk-pixbuf@2.36.5-2%2Bdeb9u2
purl	pkg:deb/debian/gdk-pixbuf@2.36.5-2%2Bdeb9u2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.36.5-2%252Bdeb9u2

aliases CVE-2015-4491

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtnf-u4kt-ybav

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.31.1-2

Package Instance