Medium severity5.5NVD Advisory· Published Dec 20, 2017· Updated May 13, 2026
CVE-2017-17788
CVE-2017-17788
Description
In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.openwall.com/lists/oss-security/2017/12/19/5nvdMailing ListThird Party Advisory
- bugzilla.gnome.org/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2017/12/msg00023.htmlnvdMailing ListThird Party Advisory
- usn.ubuntu.com/3539-1/nvdThird Party Advisory
- www.debian.org/security/2017/dsa-4077nvdThird Party Advisory
News mentions
0No linked articles in our index yet.