{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","type":"deb","namespace":"debian","name":"gtk+2.0","version":"2.4.9-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.6.4-1","latest_non_vulnerable_version":"2.24.33-10","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69840?format=json","vulnerability_id":"VCID-418g-5k4q-zqah","summary":"Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0788","reference_id":"","reference_type":"","scores":[{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94351","published_at":"2026-06-04T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.9436","published_at":"2026-06-05T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94361","published_at":"2026-06-06T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94362","published_at":"2026-06-08T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94367","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617290","reference_id":"1617290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2004-0788"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-418g-5k4q-zqah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69839?format=json","vulnerability_id":"VCID-hs4e-6xvn-sbb6","summary":"Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0782","reference_id":"","reference_type":"","scores":[{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.9684","published_at":"2026-06-04T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96845","published_at":"2026-06-05T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96849","published_at":"2026-06-08T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.9685","published_at":"2026-06-07T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96854","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617283","reference_id":"1617283","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2004-0782"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hs4e-6xvn-sbb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71987?format=json","vulnerability_id":"VCID-uqwx-c1a6-33dx","summary":"Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0783.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0783","reference_id":"","reference_type":"","scores":[{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.9663","published_at":"2026-06-04T12:55:00Z"},{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.96633","published_at":"2026-06-05T12:55:00Z"},{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.96638","published_at":"2026-06-08T12:55:00Z"},{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.96643","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617284","reference_id":"1617284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2004-0783"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqwx-c1a6-33dx"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"}