7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.305 Low
EPSS
Percentile
97.0%
Chris Evans discovered several flaws in the gdk-pixbuf
XPM image decoder:
Heap-based overflow in pixbuf_create_from_xpm
Stack-based overflow in xpm_extract_color
Integer overflows in io-ico.c
Some of these flaws are believed to be exploitable.