533 matches found
Updated gimp packages fix security vulnerabilities
XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. CVE-2025-2760 FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. CVE-2025-2761 Multiple heap buffer overflows in tga parser. CVE-2025-48797 Multiple use after free in xcf parser. CVE-2025-48798 XWD File...
OESA-2026-1118 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
OESA-2026-1117 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
MiracleLinux 9 : gimp-2.99.8-4.el9_6.2 (AXSA:2025-10549:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10549:03 advisory. gimp: Multiple use after free in XCF parser CVE-2025-48798 gimp: Multiple heap buffer overflows in TGA parser CVE-2025-48797 gimp: GIMP ICO File...
[SECURITY] [DLA 4431-1] gimp security update
Debian LTS Advisory DLA-4431-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson January 02, 2026 https://wiki.debian.org/LTS Package : gimp Version : 2.10.22-4+deb11u5 CVE ID : CVE-2022-30067 CVE-2025-14422 CVE-2025-14425 Debian Bug : Several vulnerabilities wer...
Debian dla-4431 : gimp - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4431 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4431-1 [email protected]...
CVE-2025-14424
A flaw was found in GIMP. This use-after-free vulnerability in the XCF file parsing component allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, where a target must open a specially crafted malicious XCF file. This can lead to the execution of...
EUVD-2025-204981
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
Linux Distros Unpatched Vulnerability : CVE-2025-14424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...
CVE-2025-14424
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
UBUNTU-CVE-2025-14424
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
CVE-2025-14424 GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
CVE-2025-14424
The CVE-2025-14424 issue affects GIMP’s XCF file parsing and is described as a Use-After-Free resulting from not validating the existence of an object before operating on it, enabling potential remote code execution. Connected advisories confirm this vulnerability alongside related CVEs (e.g., CV...
CVE-2025-14424
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
CVE-2025-14424 GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
CVE-2025-14424
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
GIMP 资源管理错误漏洞
GIMP is an open source bitmap image editor from the GIMP team. A resource management error vulnerability exists in GIMP that stems from a lack of validation of the existence of an object before performing operations on it when parsing XCF files, which could lead to post-release reuse and remote...
TencentOS Server 4: gimp (TSSA-2025:0601)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0601 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: gimp:2.8 (TSSA-2025:0473)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0473 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
OSV-2025-906 Use-of-uninitialized-value in QImage::pixel
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=461199967 Crash type: Use-of-uninitialized-value Crash state: QImage::pixel XCFImageFormat::copyGrayAToRGB XCFImageFormat::copyLayerToImage...