VulnerableCode Package Details - pkg:rpm/redhat/shotwell@0.28.4-1?arch=el7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/shotwell@0.28.4-1?arch=el7

Essentials
History (15)

purl	pkg:rpm/redhat/shotwell@0.28.4-1?arch=el7

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk

Vulnerabilities affecting this package (15)

Vulnerability	Summary	Fixed by
VCID-1r6u-s1r1-3qhc Aliases: CVE-2018-10768	poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF	There are no reported fixed by versions.
VCID-1rbh-rtpu-eyg8 Aliases: CVE-2018-14036	accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c	There are no reported fixed by versions.
VCID-45xv-dhx7-kbhx Aliases: CVE-2018-4204	webkitgtk: memory corruption processing maliciously crafted web content	There are no reported fixed by versions.
VCID-9pkq-7yt9-2uej Aliases: CVE-2018-10767	libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c	There are no reported fixed by versions.
VCID-b1x2-12k4-a3c7 Aliases: CVE-2018-11712	webkitgtk: Improper TLS certificate verification for WebSocket connections	There are no reported fixed by versions.
VCID-cx6n-2u5x-budw Aliases: CVE-2018-13988	poppler: out of bounds read in pdfunite	There are no reported fixed by versions.
VCID-ef6p-2tvg-73gc Aliases: CVE-2017-2862	gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function	There are no reported fixed by versions.
VCID-fs2r-sc5f-2far Aliases: CVE-2015-9381	freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash	There are no reported fixed by versions.
VCID-h3mu-4p5g-4bhp Aliases: CVE-2018-12910	libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames	There are no reported fixed by versions.
VCID-hd5n-h2wm-p3ey Aliases: CVE-2018-4200	webkitgtk: memory corruption processing maliciously crafted web content	There are no reported fixed by versions.
VCID-j5sh-krcx-yyf3 Aliases: CVE-2017-18267	poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service	There are no reported fixed by versions.
VCID-kua2-deqn-hkbf Aliases: CVE-2018-10733	libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c	There are no reported fixed by versions.
VCID-qk36-qax6-m7a9 Aliases: CVE-2018-11713	webkitgtk: WebSockets don't use system proxy settings	There are no reported fixed by versions.
VCID-uttj-q7c8-yqbg Aliases: CVE-2018-4121	webkitgtk: memory corruption processing maliciously crafted web content	There are no reported fixed by versions.
VCID-xk6q-a68x-qka2 Aliases: CVE-2015-9382	freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-29T09:45:41.537638+00:00	RedHat Importer	Affected by	VCID-ef6p-2tvg-73gc	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2862.json	38.6.0
2026-05-29T09:44:04.466037+00:00	RedHat Importer	Affected by	VCID-j5sh-krcx-yyf3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json	38.6.0
2026-05-29T09:39:41.413833+00:00	RedHat Importer	Affected by	VCID-kua2-deqn-hkbf	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10733.json	38.6.0
2026-05-29T09:39:39.222261+00:00	RedHat Importer	Affected by	VCID-9pkq-7yt9-2uej	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10767.json	38.6.0
2026-05-29T09:39:36.988977+00:00	RedHat Importer	Affected by	VCID-1r6u-s1r1-3qhc	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json	38.6.0
2026-05-29T09:39:34.792392+00:00	RedHat Importer	Affected by	VCID-uttj-q7c8-yqbg	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4121.json	38.6.0
2026-05-29T09:39:32.612200+00:00	RedHat Importer	Affected by	VCID-hd5n-h2wm-p3ey	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4200.json	38.6.0
2026-05-29T09:39:30.436410+00:00	RedHat Importer	Affected by	VCID-45xv-dhx7-kbhx	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4204.json	38.6.0
2026-05-29T09:39:00.222577+00:00	RedHat Importer	Affected by	VCID-b1x2-12k4-a3c7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11712.json	38.6.0
2026-05-29T09:38:58.000456+00:00	RedHat Importer	Affected by	VCID-qk36-qax6-m7a9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11713.json	38.6.0
2026-05-29T09:38:01.734466+00:00	RedHat Importer	Affected by	VCID-h3mu-4p5g-4bhp	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12910.json	38.6.0
2026-05-29T09:37:56.769587+00:00	RedHat Importer	Affected by	VCID-1rbh-rtpu-eyg8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14036.json	38.6.0
2026-05-29T09:37:32.443144+00:00	RedHat Importer	Affected by	VCID-cx6n-2u5x-budw	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json	38.6.0
2026-05-29T09:31:03.406906+00:00	RedHat Importer	Affected by	VCID-xk6q-a68x-qka2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9382.json	38.6.0
2026-05-29T09:30:43.539181+00:00	RedHat Importer	Affected by	VCID-fs2r-sc5f-2far	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9381.json	38.6.0