{"url":"http://public2.vulnerablecode.io/api/packages/1026197?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2","type":"deb","namespace":"debian","name":"gdk-pixbuf","version":"2.42.2+dfsg-1+deb11u2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.42.10+dfsg-1+deb12u4","latest_non_vulnerable_version":"2.44.6+dfsg-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68799?format=json","vulnerability_id":"VCID-jzz2-x2gk-8kf1","summary":"gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7345.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7345.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7345","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59087","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61733","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61753","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61768","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61789","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61777","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61801","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61806","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61788","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63775","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63785","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63788","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00938","scoring_system":"epss","scoring_elements":"0.76304","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7345"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109262","reference_id":"1109262","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109262"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2377063","reference_id":"2377063","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2377063"},{"reference_url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249","reference_id":"249","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-7345","reference_id":"CVE-2025-7345","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-7345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12841","reference_id":"RHSA-2025:12841","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12862","reference_id":"RHSA-2025:12862","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13315","reference_id":"RHSA-2025:13315","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14574","reference_id":"RHSA-2025:14574","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14574"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14575","reference_id":"RHSA-2025:14575","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14575"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14576","reference_id":"RHSA-2025:14576","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14585","reference_id":"RHSA-2025:14585","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14618","reference_id":"RHSA-2025:14618","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14646","reference_id":"RHSA-2025:14646","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14647","reference_id":"RHSA-2025:14647","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14683","reference_id":"RHSA-2025:14683","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-08T13:53:14Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14683"},{"reference_url":"https://usn.ubuntu.com/7662-1/","reference_id":"USN-7662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7662-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026198?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u3"}],"aliases":["CVE-2025-7345"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzz2-x2gk-8kf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69437?format=json","vulnerability_id":"VCID-xg3j-c698-3kgu","summary":"gdk-pixbuf: Uninitialized Memory Disclosure in GdkPixbuf GIF LZW Decoder","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6199.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6199.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6199","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06675","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0655","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06582","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06676","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06669","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24361","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24368","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27702","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27628","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27455","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.279","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27813","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6199"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107994","reference_id":"1107994","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107994"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373147","reference_id":"2373147","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:43:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373147"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-6199","reference_id":"CVE-2025-6199","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:43:00Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-6199"},{"reference_url":"https://usn.ubuntu.com/7662-1/","reference_id":"USN-7662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7662-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026198?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u3"}],"aliases":["CVE-2025-6199"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xg3j-c698-3kgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63891?format=json","vulnerability_id":"VCID-xg6z-9vh5-pbd6","summary":"gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5201.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5201","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12186","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1222","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12242","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25209","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25544","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25506","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30621","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30715","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30679","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30711","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30669","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32436","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32414","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00867","scoring_system":"epss","scoring_elements":"0.75239","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5201"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132501","reference_id":"1132501","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132501"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453291","reference_id":"2453291","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453291"},{"reference_url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304","reference_id":"304","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0","reference_id":"cpe:/o:redhat:enterprise_linux_eus:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-5201","reference_id":"CVE-2026-5201","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-5201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10707","reference_id":"RHSA-2026:10707","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10708","reference_id":"RHSA-2026:10708","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10741","reference_id":"RHSA-2026:10741","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11325","reference_id":"RHSA-2026:11325","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11326","reference_id":"RHSA-2026:11326","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11327","reference_id":"RHSA-2026:11327","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11328","reference_id":"RHSA-2026:11328","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11806","reference_id":"RHSA-2026:11806","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12060","reference_id":"RHSA-2026:12060","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:12060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12061","reference_id":"RHSA-2026:12061","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:12061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12062","reference_id":"RHSA-2026:12062","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:12062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12114","reference_id":"RHSA-2026:12114","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:12114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12115","reference_id":"RHSA-2026:12115","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:45:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:12115"},{"reference_url":"https://usn.ubuntu.com/8156-1/","reference_id":"USN-8156-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8156-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026198?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1068123?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1068124?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.12%2Bdfsg-4%2Bdeb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.12%252Bdfsg-4%252Bdeb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026201?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059946?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-2"}],"aliases":["CVE-2026-5201"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xg6z-9vh5-pbd6"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12131?format=json","vulnerability_id":"VCID-2a49-ryer-vkhd","summary":"Out-of-bounds Write\nGNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals `12`","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44648.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44648.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44648","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35934","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36125","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36155","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3604","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36069","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3603","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36044","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35978","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3575","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35718","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3563","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35516","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"},{"reference_url":"https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/","reference_id":"","reference_type":"","scores":[],"url":"https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014600","reference_id":"1014600","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014600"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043722","reference_id":"2043722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043722"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44648","reference_id":"CVE-2021-44648","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2216","reference_id":"RHSA-2023:2216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2216"},{"reference_url":"https://usn.ubuntu.com/5607-1/","reference_id":"USN-5607-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5607-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026197?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jzz2-x2gk-8kf1"},{"vulnerability":"VCID-xg3j-c698-3kgu"},{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2"}],"aliases":["CVE-2021-44648"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2a49-ryer-vkhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48793?format=json","vulnerability_id":"VCID-4zm2-zv71-jfat","summary":"A vulnerability in GDK-PixBuf library could lead to a Denial of\n    Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29385.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29385","reference_id":"","reference_type":"","scores":[{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70315","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70444","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70409","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.7046","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70345","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70322","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70367","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70382","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70391","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70377","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70419","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70428","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927237","reference_id":"1927237","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927237"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166","reference_id":"977166","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166"},{"reference_url":"https://security.archlinux.org/ASA-202012-19","reference_id":"ASA-202012-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-19"},{"reference_url":"https://security.archlinux.org/ASA-202012-20","reference_id":"ASA-202012-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-20"},{"reference_url":"https://security.archlinux.org/AVG-1328","reference_id":"AVG-1328","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1328"},{"reference_url":"https://security.archlinux.org/AVG-1329","reference_id":"AVG-1329","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1329"},{"reference_url":"https://security.gentoo.org/glsa/202012-15","reference_id":"GLSA-202012-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-15"},{"reference_url":"https://usn.ubuntu.com/4663-1/","reference_id":"USN-4663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026197?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jzz2-x2gk-8kf1"},{"vulnerability":"VCID-xg3j-c698-3kgu"},{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2"}],"aliases":["CVE-2020-29385"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zm2-zv71-jfat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79184?format=json","vulnerability_id":"VCID-juwv-p63q-8ffy","summary":"gdk-pixbuf: heap-based buffer overflow when compositing or clearing frames in GIF files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46829.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46829","reference_id":"","reference_type":"","scores":[{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62096","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62211","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62273","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62266","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62157","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62187","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62155","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62205","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.6223","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62209","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62255","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62262","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62246","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62256","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2114940","reference_id":"2114940","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2114940"},{"reference_url":"https://security.archlinux.org/AVG-2786","reference_id":"AVG-2786","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2216","reference_id":"RHSA-2023:2216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2216"},{"reference_url":"https://usn.ubuntu.com/5554-1/","reference_id":"USN-5554-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5554-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026197?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jzz2-x2gk-8kf1"},{"vulnerability":"VCID-xg3j-c698-3kgu"},{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2"}],"aliases":["CVE-2021-46829"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-juwv-p63q-8ffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20640?format=json","vulnerability_id":"VCID-pf79-yf2z-syem","summary":"Out-of-bounds Write\nIn GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48622.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48622","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23131","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22711","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22819","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22815","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2281","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23175","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22965","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23039","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23111","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23031","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23022","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22984","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48622"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-26T19:23:51Z/"}],"url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071265","reference_id":"1071265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071265"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2260545","reference_id":"2260545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2260545"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48622","reference_id":"CVE-2022-48622","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3341","reference_id":"RHSA-2024:3341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3834","reference_id":"RHSA-2024:3834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3834"},{"reference_url":"https://usn.ubuntu.com/6806-1/","reference_id":"USN-6806-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6806-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026197?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jzz2-x2gk-8kf1"},{"vulnerability":"VCID-xg3j-c698-3kgu"},{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2"}],"aliases":["CVE-2022-48622"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pf79-yf2z-syem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80649?format=json","vulnerability_id":"VCID-vcfh-3p9e-4uc3","summary":"gdk-pixbuf: integer wraparound in the GIF loader of gdk-pixbuf via crafted input leads to segmentation fault","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20240.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20240","reference_id":"","reference_type":"","scores":[{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73884","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73918","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73889","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73924","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73959","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73974","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73983","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.73975","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.74008","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.74016","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.74015","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00794","scoring_system":"epss","scoring_elements":"0.74009","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20240"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926787","reference_id":"1926787","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926787"},{"reference_url":"https://usn.ubuntu.com/4743-1/","reference_id":"USN-4743-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4743-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026197?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jzz2-x2gk-8kf1"},{"vulnerability":"VCID-xg3j-c698-3kgu"},{"vulnerability":"VCID-xg6z-9vh5-pbd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2"}],"aliases":["CVE-2021-20240"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcfh-3p9e-4uc3"}],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2"}