6013 matches found
USN-8156-2: GDK-PixBuf vulnerability
USN-8156-1 fixed a vulnerability in GDK-PixBuf. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to caus...
USN-8156-2 gdk-pixbuf vulnerability
USN-8156-1 fixed a vulnerability in GDK-PixBuf. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to caus...
EulerOS 2.0 SP11 : gdk-pixbuf2 (EulerOS-SA-2026-2241)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...
image-size 资源管理错误漏洞
image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size from 1.1.0 to 1.2.1 and from 2.0.0 to 2.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the findBox function, which had a denial-of-service vulnerability when processin...
EulerOS 2.0 SP11 : gdk-pixbuf2 (EulerOS-SA-2026-2203)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...
ROS-20260609-73-0006
The vulnerability of the jpegimageload function in the image loading library GdkPixbuf is related to the situation where the operation exits the buffer boundaries in memory when processing a specially created JPEG image. Exploiting this vulnerability could allow a malicious actor to cause service...
USN-8397-1 jpeg-xl vulnerability
It was discovered that libjxl did not properly handle certain crafted PBM images. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service, or execute arbitrary code...
CVE-2026-7580
A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Processmrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The manipulation of the argument -ee results in code injection. Attacking locally is a requirement. Upgrading to version 13.54 i...
JLSEC-2026-569
OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability...
[SECURITY] Fedora 43 Update: jpegxl-0.11.2-1.fc43
This package contains a reference implementation of JPEG XL encoder and decoder...
Linux Distros Unpatched Vulnerability : CVE-2026-46011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling...
RockyLinux 10 : gdk-pixbuf2 (RLSA-2026:19127)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19127 advisory. gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image CVE-2026-5201 Tenable has extracted the...
GHSA-RR89-W3H9-M66J ExifReader is vulnerable to denial of service via unbounded decompression of image metadata
Impact Versions of ExifReader from 4.20.0 through 4.38.1 do not bound the size of decompressed metadata blocks. When a caller invokes the asynchronous API e.g. ExifReader.loadfile or ExifReader.loadbuffer, async: true on an attacker-supplied image, a small compressed chunk in the file can expand ...
gdk-pixbuf2 security update
An update is available for gdk-pixbuf2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gdk-pixbuf2 packages provide an image loading library that can be...
RLSA-2026:19127 Important: gdk-pixbuf2 security update
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...
[SECURITY] Fedora 44 Update: jpegxl-0.11.2-1.fc44
This package contains a reference implementation of JPEG XL encoder and decoder...
RockyLinux 10 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:19024)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19024 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...
media: mtk-jpeg: fix use-after-free in release path due to uncancelled work
...
SUSE CVE-2026-46011
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...
CVE-2026-46011
A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...