1171 matches found
Important: gimp
Issue Overview: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-014 (ALASGIMP-2026-014)
The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-014 advisory. GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to...
CLSA-2026-1777455968 exiv2: Fix of CVE-2026-27631
CVE-2026-27631: fix integer overflow in preview component of PSD image parser...
Debian dla-4547 : gimp - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4547 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4547-1 [email protected]...
CLSA-2026-1776848113 gimp: Fix of 2 CVEs
CVE-2026-2239: fix heap-buffer-overflow in freadpascalstring when processing PSD files and a follow-up NULL pointer dereference in loadresource1006 alpha names handling - CVE-2026-2272: fix integer overflow in ICO file loading...
CVE-2026-40493
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the PSD decoding process due to a mismatch between the computed bytes-per-pixel from the image header and the allocated pixel buffer size in LAB 16-bit mode. An attacker can achieve arbitrary code execution or cau...
CVE-2026-40493
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
DEBIAN-CVE-2026-40493
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
CVE-2026-40493
SAIL PSD decoder in LAB mode (3 channels, 16-bit depth) suffers a heap buffer overflow due to a bpp mismatch: bytes-per-pixel is computed as (channelsdepth) but the allocated buffer uses the resolved pixel format (BPP40_CIE_LAB yields 5 bytes/pixel while 3 16 would imply 6). This causes every pix...
CVE-2026-40493 SAIL has heap buffer overflow in PSD decoder — bpp mismatch in LAB 16-bit mode
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
EUVD-2026-23646
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
CVE-2026-40493 SAIL has heap buffer overflow in PSD decoder — bpp mismatch in LAB 16-bit mode
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...
Linux Distros Unpatched Vulnerability : CVE-2026-40493
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...
PT-2026-33586
Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979 Description The PSD codec in this cross-platform image library for loading and saving images contains a heap buffer overflow when processing images in LAB mode. The issue...
SAIL 安全漏洞
SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from inconsistencies in byte-per-pixel calculations and pixel buffer allocations within the PSD encoder. This can lead to heap buffer overflows...
[SECURITY] [DSA 6215-1] gimp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6215-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2026 https://www.debian.org/security/faq -...
OESA-2026-1958 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
OESA-2026-1957 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
Security Bulletin: IBM Edge Data Collector uses pillow-10.3.0-cp39-cp39-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-25990.
Summary IBM Edge Data Collector uses pillow-10.3.0-cp39-cp39-manylinux228x8664.whl which is vulnerable to CVE-2026-25990. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25990 DESCRIPTION: Pillow is a Python imaging library. From 10.3.0 to...