119 matches found
Astra Linux - уязвимость в gimp
GIMP ICO File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a...
Astra Linux - уязвимость в pillow
In Pillow before 8.1.2, attackers can cause a denial of service due to excessive memory consumption. This occurs because the reported size of the contained image is not properly checked for an ICO container. As a result, a memory allocation attempt can be quite large...
CLSA-2026-1776848955 gimp: Fix of 2 CVEs
CVE-2026-2239: fix heap-buffer-overflow in freadpascalstring when processing PSD files and a follow-up NULL pointer dereference in loadresource1006 alpha names handling - CVE-2026-2272: fix integer overflow in ICO file loading...
CVE-2026-40917
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...
CVE-2026-2272
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the icoreadinfo and icoreadicon functions. This issue arises because a size calculation for image buffers can wrap around due to a 32-bit integer evaluation, allowing oversized imag...
CVE-2026-2272 Gimp: gimp: memory corruption due to integer overflow in ico file handling
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the icoreadinfo and icoreadicon functions. This issue arises because a size calculation for image buffers can wrap around due to a 32-bit integer evaluation, allowing oversized imag...
CVE-2026-2272
GIMP suffers an integer overflow in ICO handling (ico_read_info and ico_read_icon) due to a 32-bit size calculation that can wrap when processing ICO headers, enabling a remote attacker to supply a crafted ICO file that may cause a buffer overflow and memory corruption, potentially leading to an ...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-012 (ALASGIMP-2026-012)
The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-012 advisory. GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote...
CLSA-2026-1773683117 gimp: Fix of 4 CVEs
CVE-2026-2044: fix uninitialized memory read in PGM file parser - CVE-2026-2045: fix heap buffer overflow in XWD file loader - CVE-2026-2048: fix out-of-bounds write in XWD file loader - CVE-2026-0797: fix missing fread return value checks in ICO file loader...
USN-8082-1: GIMP vulnerabilities
Michael Randrianantenaina discovered that GIMP incorrectly handled certain malformed ICO files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2025-5473 Seungho Kim discovered that GIMP incorrectly handled certain memory operations when running the...
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability
A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...
gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing
A flaw was found in GIMP. This heap-based buffer overflow vulnerability in the ICNS file parsing component allows a remote attacker to execute arbitrary code. Exploitation requires user interaction, where the target must open a specially crafted malicious file or visit a malicious page. This issu...
SUSE-SU-2026:0604-1 Security update for gimp
This update for gimp fixes the following issues: - CVE-2026-2272: integer overflow in ICO file handling can lead to a heap buffer overflow bsc1258000. - CVE-2026-2271: integer overflow in the PSP file parser can lead to a heap buffer overflow bsc1257999. - CVE-2026-2239: missing null terminator...