VulnerableCode Package Details - pkg:deb/debian/libavif@1.2.1-1.2?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2cqy-bg4s-g3f4	Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.	CVE-2023-6350
VCID-ddek-ah5n-87ft	libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid.	CVE-2020-36407
VCID-m229-g3dn-pbbg	In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.	CVE-2025-48174
VCID-nx63-bqh3-8fes	Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.	CVE-2023-6351
VCID-vpe9-3csn-vyf1	In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.	CVE-2025-48175
VCID-xccw-1usp-u3c8	Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.	CVE-2023-6704

Vulnerability

Summary

Aliases

VCID-2cqy-bg4s-g3f4

Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.

CVE-2023-6350

VCID-ddek-ah5n-87ft

libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid.

CVE-2020-36407

VCID-m229-g3dn-pbbg

In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.

CVE-2025-48174

VCID-nx63-bqh3-8fes

Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.

CVE-2023-6351

VCID-vpe9-3csn-vyf1

In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.

CVE-2025-48175

VCID-xccw-1usp-u3c8

Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.

CVE-2023-6704

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:14:21.160104+00:00	Debian Importer	Fixing	VCID-vpe9-3csn-vyf1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:35:14.258347+00:00	Debian Importer	Fixing	VCID-xccw-1usp-u3c8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:17:57.278118+00:00	Debian Importer	Fixing	VCID-ddek-ah5n-87ft	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:41:05.537264+00:00	Debian Importer	Fixing	VCID-nx63-bqh3-8fes	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:57:59.631895+00:00	Debian Importer	Fixing	VCID-m229-g3dn-pbbg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:51:46.860339+00:00	Debian Importer	Fixing	VCID-2cqy-bg4s-g3f4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:22:19.417577+00:00	Debian Importer	Fixing	VCID-vpe9-3csn-vyf1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:53:59.579293+00:00	Debian Importer	Fixing	VCID-xccw-1usp-u3c8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:41:15.716479+00:00	Debian Importer	Fixing	VCID-ddek-ah5n-87ft	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:13:40.336823+00:00	Debian Importer	Fixing	VCID-nx63-bqh3-8fes	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:00:54.132974+00:00	Debian Importer	Fixing	VCID-m229-g3dn-pbbg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:57:07.046528+00:00	Debian Importer	Fixing	VCID-2cqy-bg4s-g3f4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:28:30.262854+00:00	Debian Importer	Fixing	VCID-vpe9-3csn-vyf1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:30.206275+00:00	Debian Importer	Fixing	VCID-m229-g3dn-pbbg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:30.147770+00:00	Debian Importer	Fixing	VCID-xccw-1usp-u3c8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:30.098652+00:00	Debian Importer	Fixing	VCID-nx63-bqh3-8fes	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:30.058222+00:00	Debian Importer	Fixing	VCID-2cqy-bg4s-g3f4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:30.016260+00:00	Debian Importer	Fixing	VCID-ddek-ah5n-87ft	https://security-tracker.debian.org/tracker/data/json	38.1.0