7.5
CVE-2026-5201
- EPSS 1.07%
- Veröffentlicht 31.03.2026 08:32:58
- Zuletzt bearbeitet 30.06.2026 03:21:05
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gnome ≫ Gdk-pixbuf Version-
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
Redhat ≫ Enterprise Linux Server Aus Version8.2
Redhat ≫ Enterprise Linux Server Aus Version8.4
Redhat ≫ Enterprise Linux Server Tus Version8.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.07% | 0.604 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
https://access.redhat.com/security/cve/CVE-2026-5201
https://bugzilla.redhat.com/show_bug.cgi?id=2453291
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304
https://lists.debian.org/debian-lts-announce/2026/04/msg00010.html
https://access.redhat.com/errata/RHSA-2026:10708
https://access.redhat.com/errata/RHSA-2026:10707
https://access.redhat.com/errata/RHSA-2026:10741
https://access.redhat.com/errata/RHSA-2026:11325
https://access.redhat.com/errata/RHSA-2026:11326
https://access.redhat.com/errata/RHSA-2026:11327
https://access.redhat.com/errata/RHSA-2026:11328
https://access.redhat.com/errata/RHSA-2026:11806
https://access.redhat.com/errata/RHSA-2026:12060
https://access.redhat.com/errata/RHSA-2026:12061
https://access.redhat.com/errata/RHSA-2026:12114
https://access.redhat.com/errata/RHSA-2026:12115
https://access.redhat.com/errata/RHSA-2026:12062
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:16008
https://access.redhat.com/errata/RHSA-2026:16009
https://access.redhat.com/errata/RHSA-2026:16030
https://access.redhat.com/errata/RHSA-2026:19127
https://access.redhat.com/errata/RHSA-2026:19210
https://access.redhat.com/errata/RHSA-2026:19725
https://access.redhat.com/errata/RHSA-2026:19724
https://access.redhat.com/errata/RHSA-2026:25096
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5201.json