CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44441 – GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44441
14 Nov 2023 — GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer.... • https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44442 – GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44442
14 Nov 2023 — GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer.... • https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44443 – GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44443
14 Nov 2023 — GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. • https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44444 – GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44444
14 Nov 2023 — GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. • https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released • CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32990 – gimp: unhandled exception via a crafted XCF file may lead to DoS
https://notcve.org/view.php?id=CVE-2022-32990
24 Jun 2022 — An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS). Un problema en la función gimp_layer_invalidate_boundary de GNOME GIMP versión 2.10.30, permite a atacantes desencadenar una excepción no manejada por medio de un archivo XCF diseñado, causando una Denegación de Servicio (DoS) A vulnerability was found in GIMP when loading a specially crafted XCF file. Due to an incorrect function retu... • https://gitlab.gnome.org/GNOME/gimp/-/issues/8230 • CWE-125: Out-of-bounds Read CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2022-30067 – gimp: buffer overflow through a crafted XCF file
https://notcve.org/view.php?id=CVE-2022-30067
17 May 2022 — GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. GIMP versiones 2.10.30 y 2.99.10, son vulnerables a un Desbordamiento del Búfer. Mediante un archivo XCF diseñado, el programa asignará una gran cantidad de memoria, resultando en una memoria insuficiente o en un bloqueo del programa A vulnerability was found in GIMP. Via a specially crafted XCF file, GIMP can alloca... • https://gitlab.gnome.org/GNOME/gimp/-/issues/8120 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2021-45463 – gegl: shell expansion via a crafted pathname
https://notcve.org/view.php?id=CVE-2021-45463
23 Dec 2021 — load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.34 are used in GIMP releases before 2.10.30; however, this does not imply that GIMP builds enable the vulnerable feature. load_cache en GEGL antes de la versión 0.4.34 permite la expansión del shell cuando un nombre de ruta en una l... • https://gitlab.gnome.org/GNOME/gegl/-/blob/master/docs/NEWS.adoc • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12713
https://notcve.org/view.php?id=CVE-2018-12713
24 Jun 2018 — GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was intended to be private. GIMP hasta la versión 2.10.2 realiza llamadas g_get_tmp_dir para establecer nombres de archivo temporales, lo que podría resultar en un nombre de archivo que ya existe, tal y como queda de... • https://github.com/GNOME/gimp/commit/c21eff4b031acb04fb4dfce8bd5fdfecc2b6524f •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17784 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17784
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. En GIMP 2.8.22, existe una sobrelectura de búfer basada en memoria dinámica (heap) en load_image en plug-ins/common/file-gbr.c en el analizador import gbr. Esto está relacionado con la gestión incorrecta de datos UTF-8. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an... • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17785 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17785
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. En GIMP 2.8.22, existe un desbordamiento de búfer basado en memoria dinámica (heap) en la función fli_read_brun en plug-ins/file-fli/fli.c. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code. • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-787: Out-of-bounds Write •