CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
35.2%
Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf
library did not properly handle certain ANI files. An attacker
could use this flaw to cause GDK-PixBuf to crash, resulting in
a denial of service, or to possibly execute arbitrary code.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 24.04 | noarch | libgdk-pixbuf-2.0-0 | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | gdk-pixbuf-tests | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | gdk-pixbuf-tests-dbgsym | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | gir1.2-gdkpixbuf-2.0 | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libgdk-pixbuf-2.0-0-dbgsym | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libgdk-pixbuf-2.0-dev | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libgdk-pixbuf2.0-bin | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libgdk-pixbuf2.0-bin-dbgsym | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libgdk-pixbuf2.0-common | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libgdk-pixbuf2.0-doc | < 2.42.10+dfsg-3ubuntu3.1 | UNKNOWN |