rpm package
suse/gimp&distro=SUSE Linux Enterprise Workstation Extension 15 SP6
pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-10934 | — | < 2.10.30-150400.3.29.1 | 2.10.30-150400.3.29.1 | Oct 29, 2025 | GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a | ||
| CVE-2025-10922 | — | < 2.10.30-150400.3.32.1 | 2.10.30-150400.3.32.1 | Oct 29, 2025 | GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a | ||
| CVE-2025-6035 | — | < 2.10.30-150400.3.23.1 | 2.10.30-150400.3.23.1 | Jun 13, 2025 | A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and | ||
| CVE-2025-5473 | — | < 2.10.30-150400.3.17.1 | 2.10.30-150400.3.17.1 | Jun 6, 2025 | GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious | ||
| CVE-2025-48798 | Hig | 7.3 | < 2.10.30-150400.3.20.1 | 2.10.30-150400.3.20.1 | May 27, 2025 | A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues. | |
| CVE-2025-48797 | Hig | 7.3 | < 2.10.30-150400.3.20.1 | 2.10.30-150400.3.20.1 | May 27, 2025 | A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow. | |
| CVE-2025-2761 | — | < 2.10.30-150400.3.14.1 | 2.10.30-150400.3.14.1 | Apr 23, 2025 | GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malici | ||
| CVE-2025-2760 | — | < 2.10.30-150400.3.26.1 | 2.10.30-150400.3.26.1 | Apr 23, 2025 | GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious |
- CVE-2025-10934Oct 29, 2025affected < 2.10.30-150400.3.29.1fixed 2.10.30-150400.3.29.1
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
- CVE-2025-10922Oct 29, 2025affected < 2.10.30-150400.3.32.1fixed 2.10.30-150400.3.32.1
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a
- CVE-2025-6035Jun 13, 2025affected < 2.10.30-150400.3.23.1fixed 2.10.30-150400.3.23.1
A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and
- CVE-2025-5473Jun 6, 2025affected < 2.10.30-150400.3.17.1fixed 2.10.30-150400.3.17.1
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious
- affected < 2.10.30-150400.3.20.1fixed 2.10.30-150400.3.20.1
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
- affected < 2.10.30-150400.3.20.1fixed 2.10.30-150400.3.20.1
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
- CVE-2025-2761Apr 23, 2025affected < 2.10.30-150400.3.14.1fixed 2.10.30-150400.3.14.1
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malici
- CVE-2025-2760Apr 23, 2025affected < 2.10.30-150400.3.26.1fixed 2.10.30-150400.3.26.1
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious