rpm package
suse/gimp&distro=SUSE Linux Enterprise Software Development Kit 12 SP4
pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-17788 | Med | 5.5 | < 2.8.18-9.8.1 | 2.8.18-9.8.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. | |
| CVE-2017-17786 | Hig | 7.8 | < 2.8.18-9.8.1 | 2.8.18-9.8.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. | |
| CVE-2017-17785 | Hig | 7.8 | < 2.8.18-9.8.1 | 2.8.18-9.8.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. |
- affected < 2.8.18-9.8.1fixed 2.8.18-9.8.1
In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.
- affected < 2.8.18-9.8.1fixed 2.8.18-9.8.1
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.
- affected < 2.8.18-9.8.1fixed 2.8.18-9.8.1
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.