{"url":"http://public2.vulnerablecode.io/api/packages/96077?format=json","purl":"pkg:deb/debian/gdk-pixbuf@0.22.0-7?distro=trixie","type":"deb","namespace":"debian","name":"gdk-pixbuf","version":"0.22.0-7","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.22.0-7.1","latest_non_vulnerable_version":"2.44.6+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69840?format=json","vulnerability_id":"VCID-418g-5k4q-zqah","summary":"Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0788","reference_id":"","reference_type":"","scores":[{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94351","published_at":"2026-06-04T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.9436","published_at":"2026-06-05T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94361","published_at":"2026-06-06T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94362","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617290","reference_id":"1617290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96077?format=json","purl":"pkg:deb/debian/gdk-pixbuf@0.22.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@0.22.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96074?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96072?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96076?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.12%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.12%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96075?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0788"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-418g-5k4q-zqah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69836?format=json","vulnerability_id":"VCID-dtth-d2ay-auff","summary":"The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0753.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0753","reference_id":"","reference_type":"","scores":[{"value":"0.12598","scoring_system":"epss","scoring_elements":"0.94084","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12598","scoring_system":"epss","scoring_elements":"0.94093","published_at":"2026-06-08T12:55:00Z"},{"value":"0.12598","scoring_system":"epss","scoring_elements":"0.94092","published_at":"2026-06-06T12:55:00Z"},{"value":"0.12598","scoring_system":"epss","scoring_elements":"0.94094","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617266","reference_id":"1617266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96077?format=json","purl":"pkg:deb/debian/gdk-pixbuf@0.22.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@0.22.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96074?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96072?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96076?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.12%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.12%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96075?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0753"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtth-d2ay-auff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69839?format=json","vulnerability_id":"VCID-hs4e-6xvn-sbb6","summary":"Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0782","reference_id":"","reference_type":"","scores":[{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.9684","published_at":"2026-06-04T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96845","published_at":"2026-06-05T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96849","published_at":"2026-06-08T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.9685","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617283","reference_id":"1617283","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96077?format=json","purl":"pkg:deb/debian/gdk-pixbuf@0.22.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@0.22.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96074?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.2%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.2%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96072?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.10%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.10%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96076?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.42.12%2Bdfsg-4%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.42.12%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96075?format=json","purl":"pkg:deb/debian/gdk-pixbuf@2.44.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@2.44.6%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0782"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hs4e-6xvn-sbb6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gdk-pixbuf@0.22.0-7%3Fdistro=trixie"}