CVE-2026-35444 SDL_image has a heap buffer overflow READ via unchecked colormap index in XCF loader

SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...

CVE-2026-35444

The CVE-2026-35444 issue affects SDL_image’s XCF loader (src/IMG_xcf.c). In do_layer_surface(), pixel indices from decoded XCF tile data are used directly as colormap indices without validating against cm_num, enabling heap out-of-bounds reads (up to 762 bytes past the colormap allocation) for bo...

CVE-2026-35444 SDL_image has a heap buffer overflow READ via unchecked colormap index in XCF loader

SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...

CLSA-2025-1758825546 gimp: Fix of CVE-2025-48798

CVE-2025-48798: fix XCF loader use-after-free issues by properly managing layer/channel resources and ensuring safe cleanup during parsing...

UBUNTU-CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcfloadstream in app/xcf/xcf.c when there is no '\0' character after the version string...

UBUNTU-CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

SuSE 10 Security Update : gimp (ZYPP Patch Number 1920)

A buffer overflow was fixed in the xcf loader in GIMP that allows user-complicit attackers to cause a denial of service crash and possibly execute arbitrary code via an XCF file with a large numaxes value in the VECTORS property. CVE-2006-3404 %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

openSUSE 10 Security Update : gimp (gimp-1921)

A buffer overflow was fixed in the xcf loader in GIMP that allows user-complicit attackers to cause a denial of service crash and possibly execute arbitrary code via an XCF file with a large numaxes value in the VECTORS property. CVE-2006-3404 %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

DEBIAN-CVE-2006-3404

Buffer overflow in the xcfloadvector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via an XCF file with a large numaxes value in the VECTORS property...