{"id":"CVE-2025-7345","details":"A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.","modified":"2026-03-23T05:04:48.820218Z","published":"2025-07-08T14:15:32.397Z","related":["ALSA-2025:13315","SUSE-SU-2025:02954-1","SUSE-SU-2025:02963-1","SUSE-SU-2025:03010-1","SUSE-SU-2025:03373-1","SUSE-SU-2025:20694-1","SUSE-SU-2025:20748-1","SUSE-SU-2026:20128-1","SUSE-SU-2026:20156-1","openSUSE-SU-2025:15468-1","openSUSE-SU-2026:20084-1"],"references":[{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-7345"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00024.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14575"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14647"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12862"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14585"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14618"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14646"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14574"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14576"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12841"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13315"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14683"},{"type":"REPORT","url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2377063"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-7345.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}