rpm package
almalinux/gimp-libs
pkg:rpm/almalinux/gimp-libs
Vulnerabilities (32)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-10922 | — | < 2:3.0.4-1.el9_7.1 | 2:3.0.4-1.el9_7.1 | Oct 29, 2025 | GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a | ||
| CVE-2025-10921 | — | < 2:3.0.4-1.el9_7.1 | 2:3.0.4-1.el9_7.1 | Oct 29, 2025 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a | ||
| CVE-2025-10920 | — | < 2:3.0.4-1.el9_7.1 | 2:3.0.4-1.el9_7.1 | Oct 29, 2025 | GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malic | ||
| CVE-2025-5473 | — | < 2:2.99.8-4.el9_6.2 | 2:2.99.8-4.el9_6.2 | Jun 6, 2025 | GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious | ||
| CVE-2025-48798 | Hig | 7.3 | < 2:2.99.8-4.el9_6.2 | 2:2.99.8-4.el9_6.2 | May 27, 2025 | A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues. | |
| CVE-2025-48797 | Hig | 7.3 | < 2:2.99.8-4.el9_6.2 | 2:2.99.8-4.el9_6.2 | May 27, 2025 | A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow. | |
| CVE-2023-44444 | — | < 2:2.99.8-4.el9_3 | 2:2.99.8-4.el9_3 | May 3, 2024 | GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page | ||
| CVE-2023-44443 | — | < 2:2.99.8-4.el9_3 | 2:2.99.8-4.el9_3 | May 3, 2024 | GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious | ||
| CVE-2023-44442 | — | < 2:2.99.8-4.el9_3 | 2:2.99.8-4.el9_3 | May 3, 2024 | GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a | ||
| CVE-2023-44441 | — | < 2:2.99.8-4.el9_3 | 2:2.99.8-4.el9_3 | May 3, 2024 | GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a | ||
| CVE-2022-32990 | — | < 2:2.99.8-3.el9 | 2:2.99.8-3.el9 | Jun 24, 2022 | An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS). | ||
| CVE-2022-30067 | — | < 2:2.99.8-3.el9 | 2:2.99.8-3.el9 | May 17, 2022 | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. |
- CVE-2025-10922Oct 29, 2025affected < 2:3.0.4-1.el9_7.1fixed 2:3.0.4-1.el9_7.1
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
- CVE-2025-10921Oct 29, 2025affected < 2:3.0.4-1.el9_7.1fixed 2:3.0.4-1.el9_7.1
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
- CVE-2025-10920Oct 29, 2025affected < 2:3.0.4-1.el9_7.1fixed 2:3.0.4-1.el9_7.1
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malic
- CVE-2025-5473Jun 6, 2025affected < 2:2.99.8-4.el9_6.2fixed 2:2.99.8-4.el9_6.2
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
- affected < 2:2.99.8-4.el9_6.2fixed 2:2.99.8-4.el9_6.2
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
- affected < 2:2.99.8-4.el9_6.2fixed 2:2.99.8-4.el9_6.2
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
- CVE-2023-44444May 3, 2024affected < 2:2.99.8-4.el9_3fixed 2:2.99.8-4.el9_3
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page
- CVE-2023-44443May 3, 2024affected < 2:2.99.8-4.el9_3fixed 2:2.99.8-4.el9_3
GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
- CVE-2023-44442May 3, 2024affected < 2:2.99.8-4.el9_3fixed 2:2.99.8-4.el9_3
GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
- CVE-2023-44441May 3, 2024affected < 2:2.99.8-4.el9_3fixed 2:2.99.8-4.el9_3
GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
- CVE-2022-32990Jun 24, 2022affected < 2:2.99.8-3.el9fixed 2:2.99.8-3.el9
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).
- CVE-2022-30067May 17, 2022affected < 2:2.99.8-3.el9fixed 2:2.99.8-3.el9
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
Page 2 of 2