Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gimp gimp vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2018-12713
GIMP up to and including 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by malicious users to overwrit...
Gimp Gimp
7.8
CVSSv3
CVE-2021-45463
load_cache in GEGL prior to 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases prior to ...
Gegl Gegl
Gimp Gimp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.8
CVSSv3
CVE-2017-17784
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
Gimp Gimp 2.8.22
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-17785
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
Gimp Gimp 2.8.22
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-17786
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.
Gimp Gimp 2.8.22
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-17787
In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.
Gimp Gimp 2.8.22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-17789
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
Gimp Gimp 2.8.22
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
7.5
CVSSv3
CVE-2017-16612
libXcursor prior to 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland up to and i...
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
X Libxcursor
5.5
CVSSv3
CVE-2022-32990
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows malicious users to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).
Gimp Gimp 2.10.30
5.5
CVSSv3
CVE-2022-30067
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
Gimp Gimp 2.99.10
Gimp Gimp 2.10.30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »