VulnerableCode Package Details - pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u1?distro=trixie

purl	pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u1?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-pf79-yf2z-syem	Out-of-bounds Write In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.	CVE-2022-48622

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:45:02.810307+00:00	Debian Importer	Fixing	VCID-pf79-yf2z-syem	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:16:15.649024+00:00	Debian Importer	Fixing	VCID-pf79-yf2z-syem	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:24:27.526494+00:00	Debian Importer	Fixing	VCID-pf79-yf2z-syem	https://security-tracker.debian.org/tracker/data/json	38.1.0