4 matches found
MiracleLinux 9 : gimp-3.0.4-1.el9_7.4 (AXSA:2026-311:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-311:03 advisory. gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing CVE-2026-2047 gimp: GIMP: Remote Code Execution via uninitializ...
AlmaLinux 9 : gimp (ALSA-2026:4173)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4173 advisory. gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing CVE-2026-2047 gimp: GIMP: Remote Code Execution via uninitialized...
RHEL 9 : gimp (RHSA-2026:4173)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4173 advisory. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox,...
CVE-2026-2047
The CVE-2026-2047 issue is a heap-based buffer overflow in GIMP’s ICNS file parsing that allows remote code execution. It stems from insufficient validation of the length of user-supplied data before copying to a heap buffer. Exploitation requires user interaction (target visits a malicious page ...