Search CVE reports


1 – 10 of 41 results


CVE-2023-44444

Medium priority

Some fixes available 4 of 6

GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit...

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Fixed | Fixed | Needs evaluation | Needs evaluation |

CVE-2023-44443

Medium priority
Fixed

GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this...

1 affected package

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp Fixed Not affected Not affected Not affected

CVE-2023-44442

Medium priority

Some fixes available 4 of 6

GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit...

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Fixed | Fixed | Needs evaluation | Needs evaluation |

CVE-2023-44441

Medium priority

Some fixes available 4 of 6

GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit...

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Fixed | Fixed | Needs evaluation | Needs evaluation |

CVE-2022-32990

Low priority

Some fixes available 2 of 5

An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Fixed | Fixed | Vulnerable | Needs evaluation |

CVE-2022-30067

Low priority

Some fixes available 2 of 5

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or a program crash.

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Fixed | Fixed | Vulnerable | Needs evaluation |

CVE-2018-12713

Negligible priority
Vulnerable

GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be...

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Needs evaluation |

CVE-2017-17789

Low priority

Some fixes available 1 of 4

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Not affected | Not affected | Not affected | Vulnerable |

CVE-2017-17788

Low priority

Some fixes available 1 of 4

In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Not affected | Not affected | Not affected | Vulnerable |

CVE-2017-17787

Low priority

Some fixes available 1 of 4

In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

1 affected package

gimp

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gimp | Not affected | Not affected | Not affected | Not affected | Vulnerable |