High severity 7.3 · NVD Advisory · Published May 27, 2025 · Updated Apr 15, 2026
CVE-2025-48797
Description
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
Affected products
20 entries
- osv-coords, 19 versions (< 2:2.99.8-4.el9_6.2 + 18 more):
  - pkg:rpm/almalinux/gimp
  - pkg:rpm/almalinux/gimp-devel
  - pkg:rpm/almalinux/gimp-devel-tools
  - pkg:rpm/almalinux/gimp-libs
  - pkg:rpm/almalinux/pygobject2
  - pkg:rpm/almalinux/pygobject2-codegen
  - pkg:rpm/almalinux/pygobject2-devel
  - pkg:rpm/almalinux/pygobject2-doc
  - pkg:rpm/almalinux/pygtk2
  - pkg:rpm/almalinux/pygtk2-codegen
  - pkg:rpm/almalinux/pygtk2-devel
  - pkg:rpm/almalinux/pygtk2-doc
  - pkg:rpm/almalinux/python2-cairo
  - pkg:rpm/almalinux/python2-cairo-devel
  - pkg:rpm/opensuse/gimp&distro=openSUSE%20Leap%2015.6
  - pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6
  - pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7
  - pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6
  - pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7
- (no CPE) range: < 2:2.99.8-4.el9_6.2
- (no CPE) range: < 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2
- (no CPE) range: < 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2
- (no CPE) range: < 2:2.99.8-4.el9_6.2
- (no CPE) range: < 2.28.7-5.module_el8.10.0+3952+571e801c
- (no CPE) range: < 2.28.7-5.module_el8.10.0+3952+571e801c
- (no CPE) range: < 2.28.7-5.module_el8.10.0+3952+571e801c
- (no CPE) range: < 2.28.7-5.module_el8.10.0+3952+571e801c
- (no CPE) range: < 2.24.0-25.module_el8.9.0+3725+d1441900
- (no CPE) range: < 2.24.0-25.module_el8.9.0+3725+d1441900
- (no CPE) range: < 2.24.0-25.module_el8.9.0+3725+d1441900
- (no CPE) range: < 2.24.0-25.module_el8.9.0+3725+d1441900
- (no CPE) range: < 1.16.3-7.module_el8.10.0+3952+571e801c
- (no CPE) range: < 1.16.3-7.module_el8.10.0+3952+571e801c
- (no CPE) range: < 2.10.30-150400.3.20.1
- (no CPE) range: < 2.10.30-150400.3.20.1
- (no CPE) range: < 2.10.30-150400.3.20.1
- (no CPE) range: < 2.10.30-150400.3.20.1
- (no CPE) range: < 2.10.30-150400.3.20.1
References
14 references
- access.redhat.com/errata/RHSA-2025:9162 (nvd)
- access.redhat.com/errata/RHSA-2025:9165 (nvd)
- access.redhat.com/errata/RHSA-2025:9308 (nvd)
- access.redhat.com/errata/RHSA-2025:9309 (nvd)
- access.redhat.com/errata/RHSA-2025:9310 (nvd)
- access.redhat.com/errata/RHSA-2025:9314 (nvd)
- access.redhat.com/errata/RHSA-2025:9315 (nvd)
- access.redhat.com/errata/RHSA-2025:9316 (nvd)
- access.redhat.com/errata/RHSA-2025:9501 (nvd)
- access.redhat.com/errata/RHSA-2025:9569 (nvd)
- access.redhat.com/security/cve/CVE-2025-48797 (nvd)
- bugzilla.redhat.com/show_bug.cgi (nvd)
- gitlab.gnome.org/GNOME/gimp/-/issues/11822 (nvd)
- lists.debian.org/debian-lts-announce/2025/10/msg00022.html (nvd)