Lucene search
Cloud FoundryCFOUNDRY:5FCFF3F01CC96D4AE9302EFAC9ADC855HistoryJan 24, 2018 - 12:00 a.m.
USN-3532-1: GDK-PixBuf vulnerabilities | Cloud Foundry
2018-01-2400:00:00
Cloud Foundry
www.cloudfoundry.org
26
0.006 Low
EPSS
Percentile
79.5%
Severity
Medium
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 14.04
Description
It was discoreved that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-1000422)
Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled certain images. An attacker could use this to cause a denial of service. (CVE-2017-6312, CVE-2017-6313)
Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled large TIFF files. An attacker could use this to cause a denial of service. (CVE-2017-6314)
Affected Cloud Foundry Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry cflinuxfs2 prior to 1.180.0
Mitigation
OSS users are strongly encouraged to follow one of the mitigations below:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.180.0 or later.
References
Related
debian
debian
[SECURITY] [DSA 4088-1] gdk-pixbuf security update
2018-01-15 19:59:55
[SECURITY] [DLA 2043-1] gdk-pixbuf security update
2019-12-19 18:37:46
[SECURITY] [DLA 1234-1] gdk-pixbuf security update
2018-01-08 14:55:42
ubuntu
ubuntu
GDK-PixBuf vulnerabilities
2018-01-15 00:00:00
nessus
nessus
Debian DSA-4088-1 : gdk-pixbuf - security update
2018-01-16 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : GDK-PixBuf vulnerabilities (USN-3532-1)
2018-01-16 00:00:00
EulerOS 2.0 SP2 : gdk-pixbuf2 (EulerOS-SA-2019-2386)
2019-12-10 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4088-1)
2018-01-14 00:00:00
Ubuntu: Security Advisory (USN-3532-1)
2018-10-26 00:00:00
Huawei EulerOS: Security Advisory for gdk-pixbuf2 (EulerOS-SA-2019-2386)
2020-01-23 00:00:00
gentoo
gentoo
GDK-PixBuf: Multiple vulnerabilities
2017-09-17 00:00:00
GDK-PixBuf: Remote code execution
2018-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: mingw-gdk-pixbuf-2.36.12-1.fc30
2020-02-08 01:39:36
[SECURITY] Fedora 31 Update: mingw-gdk-pixbuf-2.40.0-1.fc31
2020-02-08 02:05:02
osv
osv
gdk-pixbuf - security update
2019-12-19 00:00:00
gdk-pixbuf - security update
2018-01-15 00:00:00
gdk-pixbuf - security update
2018-01-08 00:00:00
suse
suse
Security update for gdk-pixbuf (important)
2017-09-06 21:07:30
Security update for gdk-pixbuf (important)
2017-09-08 21:07:16
Security update for gdk-pixbuf (moderate)
2018-07-20 03:09:26
mageia
mageia
Updated gdk-pixbuf2.0 packages fix security vulnerability
2018-01-01 18:50:28
Updated gdk-pixbuf2.0 packages fix security vulnerability
2018-01-20 02:12:00
Updated gdk-pixbuf2.0 packages fix security vulnerability
2018-01-22 00:31:56
cve
cve
ubuntucve
ubuntucve
redhatcve
redhatcve
veracode
veracode
Integer Overflow
2018-05-24 06:28:11
Denial Of Service (DoS)
2018-05-31 11:38:38
Denial Of Service (DoS)
2020-05-10 23:26:24
prion
prion
Integer overflow
2018-01-02 20:29:00
Code injection
2017-03-10 02:59:00
Integer overflow
2017-03-10 02:59:00
cvelist
cvelist
debiancve
debiancve
nvd
nvd
alpinelinux
alpinelinux
CVE-2017-6314
2017-03-10 02:59:00
CVE-2017-6312
2017-03-10 02:59:00