Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-48622

Опубликовано: 26 янв. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.8

Описание

In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

2.42.12+dfsg-1
esm-infra/bionic

released

2.36.11-2ubuntu0.1~esm1
esm-infra/focal

not-affected

2.40.0+dfsg-3ubuntu0.5
esm-infra/xenial

released

2.32.2-1ubuntu1.6+esm1
focal

released

2.40.0+dfsg-3ubuntu0.5
jammy

released

2.42.8+dfsg-1ubuntu0.3
lunar

ignored

end of life, was needs-triage
mantic

released

2.42.10+dfsg-1ubuntu0.1
noble

released

2.42.10+dfsg-3ubuntu3.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%
0.00077
Низкий

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-48622

CVSS3: 7.3
redhat
больше 1 года назад

In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.

nvd логотип

CVE-2022-48622

CVSS3: 7.8
nvd
больше 1 года назад

In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.

msrc логотип

CVE-2022-48622

CVSS3: 7.8
msrc
8 месяцев назад

Описание отсутствует

debian логотип

CVE-2022-48622

CVSS3: 7.8
debian
больше 1 года назад

In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows ...

suse-cvrf логотип

SUSE-SU-2024:2077-1

suse-cvrf
около 1 года назад

Security update for gdk-pixbuf

EPSS

Процентиль: 24%
0.00077
Низкий

7.8 High

CVSS3