Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gdk-pixbuf@2.36.5-2%2Bdeb9u2
purl pkg:deb/debian/gdk-pixbuf@2.36.5-2%2Bdeb9u2
Next non-vulnerable version 2.44.6+dfsg-2
Latest non-vulnerable version 2.44.6+dfsg-2
Risk 4.0
Vulnerabilities affecting this package (14)
Vulnerability Summary Fixed by
VCID-1ytk-9srj-zfff
Aliases:
CVE-2017-2870
gdk-pixbuf2: Integer overflow in tiff_image_parse function
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
VCID-2a49-ryer-vkhd
Aliases:
CVE-2021-44648
Out-of-bounds Write GNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals `12`
2.42.2+dfsg-1+deb11u2
Affected by 3 other vulnerabilities.
VCID-37b2-h2nn-ufa8
Aliases:
CVE-2017-6313
Multiple vulnerabilities have been found in GDK-PixBuf, the worst of which could result in the execution of arbitrary code.
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
VCID-4jf2-xww4-mfau
Aliases:
CVE-2017-6312
Multiple vulnerabilities have been found in GDK-PixBuf, the worst of which could result in the execution of arbitrary code.
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
VCID-4zm2-zv71-jfat
Aliases:
CVE-2020-29385
A vulnerability in GDK-PixBuf library could lead to a Denial of Service condition.
2.42.2+dfsg-1+deb11u2
Affected by 3 other vulnerabilities.
VCID-7cp9-37h3-tkhq
Aliases:
CVE-2017-6314
Multiple vulnerabilities have been found in GDK-PixBuf, the worst of which could result in the execution of arbitrary code.
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
VCID-juwv-p63q-8ffy
Aliases:
CVE-2021-46829
gdk-pixbuf: heap-based buffer overflow when compositing or clearing frames in GIF files
2.42.2+dfsg-1+deb11u2
Affected by 3 other vulnerabilities.
VCID-jzz2-x2gk-8kf1
Aliases:
CVE-2025-7345
gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf
2.42.10+dfsg-1+deb12u3
Affected by 1 other vulnerability.
VCID-pf79-yf2z-syem
Aliases:
CVE-2022-48622
Out-of-bounds Write In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.
2.42.2+dfsg-1+deb11u2
Affected by 3 other vulnerabilities.
VCID-q8wp-65d8-yqcr
Aliases:
CVE-2017-6311
Multiple vulnerabilities have been found in GDK-PixBuf, the worst of which could result in the execution of arbitrary code.
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
VCID-vcfh-3p9e-4uc3
Aliases:
CVE-2021-20240
gdk-pixbuf: integer wraparound in the GIF loader of gdk-pixbuf via crafted input leads to segmentation fault
2.42.2+dfsg-1+deb11u2
Affected by 3 other vulnerabilities.
VCID-xg3j-c698-3kgu
Aliases:
CVE-2025-6199
gdk-pixbuf: Uninitialized Memory Disclosure in GdkPixbuf GIF LZW Decoder
2.42.10+dfsg-1+deb12u3
Affected by 1 other vulnerability.
VCID-y1sm-7uec-1bc5
Aliases:
CVE-2017-2862
security update
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
VCID-zu3p-941y-nydy
Aliases:
CVE-2017-1000422
A vulnerability has been found in GDK-PixBuf that may allow a remote attacker to execute arbitrary code.
2.38.1+dfsg-1
Affected by 7 other vulnerabilities.
Vulnerabilities fixed by this package (9)
Vulnerability Summary Aliases
VCID-7hwy-9gdx-rya8 gdk-pixbuf: heap-based overflow caused by invalid palette size CVE-2017-12447
VCID-drq5-6jps-skax Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. CVE-2015-4491
VCID-hfkx-cat3-puf8 gdk-pixbuf: Out-of-bounds write in OneLine32() function CVE-2016-6352
VCID-k2ph-py3f-aycu Multiple buffer overflow vulnerabilities in gdk-pixbuf may allow remote attackers to execute arbitrary code or cause Denial of Service. CVE-2015-7673
VCID-ku5p-8cre-xkee security update CVE-2015-8875
VCID-qwv5-ntpt-mbbp Multiple buffer overflow vulnerabilities in gdk-pixbuf may allow remote attackers to execute arbitrary code or cause Denial of Service. CVE-2015-7674
VCID-rzj1-83cd-4yer security update CVE-2015-7552
VCID-y1sm-7uec-1bc5 security update CVE-2017-2862
VCID-zu3p-941y-nydy A vulnerability has been found in GDK-PixBuf that may allow a remote attacker to execute arbitrary code. CVE-2017-1000422

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:59:48.925285+00:00 Debian Oval Importer Affected by VCID-4zm2-zv71-jfat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:45:01.004116+00:00 Debian Oval Importer Fixing VCID-k2ph-py3f-aycu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:36:09.887057+00:00 Debian Oval Importer Affected by VCID-q8wp-65d8-yqcr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:32:43.906694+00:00 Debian Oval Importer Affected by VCID-vcfh-3p9e-4uc3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:13:32.073784+00:00 Debian Oval Importer Affected by VCID-y1sm-7uec-1bc5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:12:08.107501+00:00 Debian Oval Importer Affected by VCID-zu3p-941y-nydy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:07:44.512359+00:00 Debian Oval Importer Affected by VCID-xg3j-c698-3kgu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:00:50.983713+00:00 Debian Oval Importer Affected by VCID-4jf2-xww4-mfau https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:32:38.685338+00:00 Debian Oval Importer Affected by VCID-pf79-yf2z-syem https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:49:27.836352+00:00 Debian Oval Importer Fixing VCID-hfkx-cat3-puf8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:51:38.916577+00:00 Debian Oval Importer Affected by VCID-7cp9-37h3-tkhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:48:03.990611+00:00 Debian Oval Importer Fixing VCID-qwv5-ntpt-mbbp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:31:29.079788+00:00 Debian Oval Importer Affected by VCID-juwv-p63q-8ffy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:13:55.723779+00:00 Debian Oval Importer Affected by VCID-1ytk-9srj-zfff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:54:06.351573+00:00 Debian Oval Importer Affected by VCID-jzz2-x2gk-8kf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:51:37.535399+00:00 Debian Oval Importer Affected by VCID-2a49-ryer-vkhd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:47:53.228734+00:00 Debian Oval Importer Fixing VCID-ku5p-8cre-xkee https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:37:10.355184+00:00 Debian Oval Importer Fixing VCID-7hwy-9gdx-rya8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:16:30.995863+00:00 Debian Oval Importer Fixing VCID-drq5-6jps-skax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:11:21.468991+00:00 Debian Oval Importer Affected by VCID-37b2-h2nn-ufa8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:35:49.328510+00:00 Debian Oval Importer Fixing VCID-rzj1-83cd-4yer https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T14:36:33.223909+00:00 Debian Oval Importer Fixing VCID-zu3p-941y-nydy https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-15T14:05:47.593639+00:00 Debian Oval Importer Fixing VCID-y1sm-7uec-1bc5 https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-11T23:34:01.044171+00:00 Debian Oval Importer Affected by VCID-4zm2-zv71-jfat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:19:41.262077+00:00 Debian Oval Importer Fixing VCID-k2ph-py3f-aycu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:13:00.041860+00:00 Debian Oval Importer Affected by VCID-q8wp-65d8-yqcr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:09:41.480627+00:00 Debian Oval Importer Affected by VCID-vcfh-3p9e-4uc3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:51:13.114348+00:00 Debian Oval Importer Affected by VCID-y1sm-7uec-1bc5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:49:52.245187+00:00 Debian Oval Importer Affected by VCID-zu3p-941y-nydy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:47:44.663653+00:00 Debian Oval Importer Affected by VCID-xg3j-c698-3kgu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:41:07.481036+00:00 Debian Oval Importer Affected by VCID-4jf2-xww4-mfau https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:13:57.485912+00:00 Debian Oval Importer Affected by VCID-pf79-yf2z-syem https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:31:45.786778+00:00 Debian Oval Importer Fixing VCID-hfkx-cat3-puf8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:36:10.769012+00:00 Debian Oval Importer Affected by VCID-7cp9-37h3-tkhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:32:43.587493+00:00 Debian Oval Importer Fixing VCID-qwv5-ntpt-mbbp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:16:18.734730+00:00 Debian Oval Importer Affected by VCID-juwv-p63q-8ffy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:59:21.236142+00:00 Debian Oval Importer Affected by VCID-1ytk-9srj-zfff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:40:04.329058+00:00 Debian Oval Importer Affected by VCID-jzz2-x2gk-8kf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:37:35.657474+00:00 Debian Oval Importer Affected by VCID-2a49-ryer-vkhd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:33:49.081025+00:00 Debian Oval Importer Fixing VCID-ku5p-8cre-xkee https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:24:08.395387+00:00 Debian Oval Importer Fixing VCID-7hwy-9gdx-rya8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:03:51.335076+00:00 Debian Oval Importer Fixing VCID-drq5-6jps-skax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:58:48.404482+00:00 Debian Oval Importer Affected by VCID-37b2-h2nn-ufa8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:23:45.203292+00:00 Debian Oval Importer Fixing VCID-rzj1-83cd-4yer https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:24:50.069313+00:00 Debian Oval Importer Fixing VCID-zu3p-941y-nydy https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-11T13:54:23.398132+00:00 Debian Oval Importer Fixing VCID-y1sm-7uec-1bc5 https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-08T23:06:43.874261+00:00 Debian Oval Importer Affected by VCID-4zm2-zv71-jfat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:53:03.420822+00:00 Debian Oval Importer Fixing VCID-k2ph-py3f-aycu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:49:24.107172+00:00 Debian Oval Importer Affected by VCID-q8wp-65d8-yqcr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:46:13.809537+00:00 Debian Oval Importer Affected by VCID-vcfh-3p9e-4uc3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:28:44.225667+00:00 Debian Oval Importer Affected by VCID-y1sm-7uec-1bc5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:27:27.698116+00:00 Debian Oval Importer Affected by VCID-zu3p-941y-nydy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:27:28.897588+00:00 Debian Oval Importer Affected by VCID-xg3j-c698-3kgu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:21:05.002731+00:00 Debian Oval Importer Affected by VCID-4jf2-xww4-mfau https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:55:05.107638+00:00 Debian Oval Importer Affected by VCID-pf79-yf2z-syem https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:15:07.346982+00:00 Debian Oval Importer Fixing VCID-hfkx-cat3-puf8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:21:16.993227+00:00 Debian Oval Importer Affected by VCID-7cp9-37h3-tkhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:17:53.573033+00:00 Debian Oval Importer Fixing VCID-qwv5-ntpt-mbbp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:02:30.319905+00:00 Debian Oval Importer Affected by VCID-juwv-p63q-8ffy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:46:03.115298+00:00 Debian Oval Importer Affected by VCID-1ytk-9srj-zfff https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:27:25.654531+00:00 Debian Oval Importer Affected by VCID-jzz2-x2gk-8kf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:25:03.348297+00:00 Debian Oval Importer Affected by VCID-2a49-ryer-vkhd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:21:35.927987+00:00 Debian Oval Importer Fixing VCID-ku5p-8cre-xkee https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:15:50.727027+00:00 Debian Oval Importer Fixing VCID-7hwy-9gdx-rya8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:56:42.492823+00:00 Debian Oval Importer Fixing VCID-drq5-6jps-skax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:51:54.889013+00:00 Debian Oval Importer Affected by VCID-37b2-h2nn-ufa8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:18:18.227712+00:00 Debian Oval Importer Fixing VCID-rzj1-83cd-4yer https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T22:58:20.678450+00:00 Debian Oval Importer Fixing VCID-zu3p-941y-nydy https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0
2026-04-07T22:29:19.496662+00:00 Debian Oval Importer Fixing VCID-y1sm-7uec-1bc5 https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0