Search CVE reports
11 – 20 of 41 results
CVE-2017-17786
Low priority
Some fixes available 1 of 4
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-17785
Low priority
Some fixes available 1 of 4
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-17784
Low priority
Some fixes available 1 of 4
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-4994
Medium priority
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | — | — | — | — | Fixed |
CVE-2013-1953
Medium priority
Some fixes available 1 of 22
Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which...
3 affected packages
autotrace, gimp, sam2p
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
autotrace | Not in release | Not in release | Not in release | Not in release | Not affected |
gimp | Not affected | Not affected | Not affected | Not affected | Not affected |
sam2p | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2013-1978
Medium priority
Some fixes available 4 of 5
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code...
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | — | — | — | — | — |
CVE-2013-1913
Medium priority
Some fixes available 4 of 5
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly...
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | — | — | — | — | — |
CVE-2012-5576
Medium priority
Some fixes available 4 of 5
Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green,...
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | — | — | — | — | — |
CVE-2012-4245
Low priority
The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | — | — | — | — | — |
CVE-2012-3481
Medium priority
Some fixes available 4 of 5
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute...
1 affected package
gimp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gimp | — | — | — | — | — |