rpm package

almalinux/gimp-devel

pkg:rpm/almalinux/gimp-devel

Vulnerabilities (22)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2026-4154	Hig	7.8	< 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	Apr 11, 2026	GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2026-4153	Hig	7.8	< 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	Apr 11, 2026	GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2026-4150	Hig	7.8	< 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	Apr 11, 2026	GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2026-4887	Med	6.1	< 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6	Mar 26, 2026	A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosu
CVE-2026-2048		—	< 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	Feb 20, 2026	GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malici
CVE-2026-2045		—	< 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	Feb 20, 2026	GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malici
CVE-2026-2044		—	< 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	Feb 20, 2026	GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malic
CVE-2026-0797		—	< 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5	Feb 20, 2026	GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-14422		—	< 2:2.8.22-26.module_el8.10.0+4109+804f132c.4	2:2.8.22-26.module_el8.10.0+4109+804f132c.4	Dec 23, 2025	GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2025-10934		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-10925		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit
CVE-2025-10924		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2025-10923		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a maliciou
CVE-2025-10922		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-10921		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-10920		—	< 2:2.8.22-26.module_el8.10.0+4070+64105a56.3	2:2.8.22-26.module_el8.10.0+4070+64105a56.3	Oct 29, 2025	GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malic
CVE-2025-5473		—	< 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2	2:2.8.22-26.module_el8.10.0+4017+5eb23531.2	Jun 6, 2025	GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2025-48798	Hig	7.3	< 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2	2:2.8.22-26.module_el8.10.0+4017+5eb23531.2	May 27, 2025	A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
CVE-2025-48797	Hig	7.3	< 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2	2:2.8.22-26.module_el8.10.0+4017+5eb23531.2	May 27, 2025	A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
CVE-2023-44444		—	< 2:2.8.22-25.module_el8.9.0+3725+d1441900	2:2.8.22-25.module_el8.9.0+3725+d1441900	May 3, 2024	GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page

CVE-2026-4154HigApr 11, 2026
affected < 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6fixed 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2026-4153HigApr 11, 2026
affected < 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6fixed 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2026-4150HigApr 11, 2026
affected < 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6fixed 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2026-4887MedMar 26, 2026
affected < 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6fixed 2:2.8.22-26.module_el8.10.0+4175+c208a0bf.6
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosu
CVE-2026-2048Feb 20, 2026
affected < 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5fixed 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malici
CVE-2026-2045Feb 20, 2026
affected < 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5fixed 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malici
CVE-2026-2044Feb 20, 2026
affected < 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5fixed 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5
GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malic
CVE-2026-0797Feb 20, 2026
affected < 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5fixed 2:2.8.22-26.module_el8.10.0+4137+2d0d25cf.5
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-14422Dec 23, 2025
affected < 2:2.8.22-26.module_el8.10.0+4109+804f132c.4fixed 2:2.8.22-26.module_el8.10.0+4109+804f132c.4
GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2025-10934Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-10925Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit
CVE-2025-10924Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2025-10923Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a maliciou
CVE-2025-10922Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-10921Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
CVE-2025-10920Oct 29, 2025
affected < 2:2.8.22-26.module_el8.10.0+4070+64105a56.3fixed 2:2.8.22-26.module_el8.10.0+4070+64105a56.3
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malic
CVE-2025-5473Jun 6, 2025
affected < 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2fixed 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
CVE-2025-48798HigMay 27, 2025
affected < 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2fixed 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
CVE-2025-48797HigMay 27, 2025
affected < 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2fixed 2:2.8.22-26.module_el8.10.0+4017+5eb23531.2
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
CVE-2023-44444May 3, 2024
affected < 2:2.8.22-25.module_el8.9.0+3725+d1441900fixed 2:2.8.22-25.module_el8.9.0+3725+d1441900
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page

Page 1 of 2