rpm package
suse/gimp&distro=SUSE Linux Enterprise Workstation Extension 12 SP5
pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-44444 | — | | | < 2.8.18-9.27.1 | 2.8.18-9.27.1 | May 3, 2024 | GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page |
| CVE-2023-44442 | — | | | < 2.8.18-9.27.1 | 2.8.18-9.27.1 | May 3, 2024 | GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a |
| CVE-2022-32990 | — | | | < 2.8.18-9.24.1 | 2.8.18-9.24.1 | Jun 24, 2022 | An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS). |
| CVE-2022-30067 | — | | | < 2.8.18-9.21.1 | 2.8.18-9.21.1 | May 17, 2022 | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. |
| CVE-2017-17789 | High | 7.8 | | < 2.8.18-9.12.1 | 2.8.18-9.12.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. |
| CVE-2017-17788 | Medium | 5.5 | | < 2.8.18-9.8.1 | 2.8.18-9.8.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. |
| CVE-2017-17787 | High | 7.8 | | < 2.8.18-9.15.2 | 2.8.18-9.15.2 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. |
| CVE-2017-17786 | High | 7.8 | | < 2.8.18-9.8.1 | 2.8.18-9.8.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. |
| CVE-2017-17785 | High | 7.8 | | < 2.8.18-9.8.1 | 2.8.18-9.8.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. |
| CVE-2017-17784 | High | 7.8 | | < 2.8.18-9.18.1 | 2.8.18-9.18.1 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. |