Astra Linux – Vulnerability in GIMP
GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2026-46559
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in a heap buffer overwrite of a single byte when specifying certain options. This issue has been patched in versions...
gimp: GIMP: Remote Code Execution via malicious JP2 file parsing
A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...
RLSA-2026:16484 Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-014294)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014294 advisory. GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-006280)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006280 advisory. GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
SUSE SLED15: gimp / gimp-devel / gimp-lang / gimp-plugin-aa / libgimp-2_0-0 / etc (SUSE-SU-2026:0313-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0313-1 advisory. - CVE-2025-14422: Fixed RCE vulnerability due to PNM file parsing integer overflow bsc1255293 -...
RHEL 9 : gimp (RHSA-2026:1586)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1586 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-14422: Fixed RCE vulnerability due to PNM file parsing integer overflow bsc1255293 CVE-2025-14425: Fixed RCE vulnerability due to JP2 file parsing heap-based buffer overflow bsc1255296 Patch Instructions: To install this SUSE update use th...
SUSE-SU-2026:0313-1 Security update for gimp
This update for gimp fixes the following issues: - CVE-2025-14422: Fixed RCE vulnerability due to PNM file parsing integer overflow bsc1255293 - CVE-2025-14425: Fixed RCE vulnerability due to JP2 file parsing heap-based buffer overflow bsc1255296...
RockyLinux 9 : gimp (RLSA-2026:0914)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0914 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based...
ALSA-2026:0914 Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:...
Important: gimp security update
The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:...
[SECURITY] [DLA 4431-1] gimp security update
Debian LTS Advisory DLA-4431-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson January 02, 2026 https://wiki.debian.org/LTS Package : gimp Version : 2.10.22-4+deb11u5 CVE ID : CVE-2022-30067 CVE-2025-14422 CVE-2025-14425 Debian Bug : Several vulnerabilities wer...
CVE-2025-14425
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
DEBIAN-CVE-2025-14425
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
CVE-2025-14425
Summary: CVE-2025-14425 affects GIMP via a JP2 file parsing heap-based buffer overflow, enabling remote code execution. The flaw arises from inadequate validation of JP2 data length before copying to a heap buffer. Exploitation in the wild is not detailed in the provided documents; the initial de...