7.5
CVE-2026-5201
- EPSS 0.75%
- Veröffentlicht 31.03.2026 08:32:58
- Zuletzt bearbeitet 14.05.2026 23:16:37
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginGdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gnome ≫ Gdk-pixbuf Version-
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
Redhat ≫ Enterprise Linux Server Aus Version8.2
Redhat ≫ Enterprise Linux Server Aus Version8.4
Redhat ≫ Enterprise Linux Server Tus Version8.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.75% | 0.731 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().