{"id":"JLSEC-2026-175","details":"In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.","modified":"2026-04-22T19:17:13.433983Z","published":"2026-04-22T13:15:27.633Z","upstream":["CVE-2022-44638"],"database_specific":{"sources":[{"url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-44638","modified":"2025-05-02T20:15:19.253Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44638","id":"CVE-2022-44638","published":"2022-11-03T06:15:10.623Z","imported":"2026-04-22T10:49:11.533Z","database_specific":{"status":"Modified"}}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html"},{"type":"WEB","url":"http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2022/11/05/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2022/11/05/1"},{"type":"WEB","url":"https://gitlab.freedesktop.org/pixman/pixman/-/issues/63"},{"type":"WEB","url":"https://gitlab.freedesktop.org/pixman/pixman/-/issues/63"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/"},{"type":"WEB","url":"https://www.debian.org/security/2022/dsa-5276"},{"type":"WEB","url":"https://www.debian.org/security/2022/dsa-5276"}],"affected":[{"package":{"name":"Pixman_jll","ecosystem":"Julia","purl":"pkg:julia/Pixman_jll?uuid=30392449-352a-5448-841d-b1acce4e97dc"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.42.2+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-175.json"}}],"schema_version":"1.7.5"}