CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-45463 – gegl: shell expansion via a crafted pathname
https://notcve.org/view.php?id=CVE-2021-45463
23 Dec 2021 — load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.34 are used in GIMP releases before 2.10.30; however, this does not imply that GIMP builds enable the vulnerable feature. load_cache en GEGL antes de la versión 0.4.34 permite la expansión del shell cuando un nombre de ruta en una l... • https://gitlab.gnome.org/GNOME/gegl/-/blob/master/docs/NEWS.adoc • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12713
https://notcve.org/view.php?id=CVE-2018-12713
24 Jun 2018 — GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was intended to be private. GIMP hasta la versión 2.10.2 realiza llamadas g_get_tmp_dir para establecer nombres de archivo temporales, lo que podría resultar en un nombre de archivo que ya existe, tal y como queda de... • https://github.com/GNOME/gimp/commit/c21eff4b031acb04fb4dfce8bd5fdfecc2b6524f •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17784 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17784
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. En GIMP 2.8.22, existe una sobrelectura de búfer basada en memoria dinámica (heap) en load_image en plug-ins/common/file-gbr.c en el analizador import gbr. Esto está relacionado con la gestión incorrecta de datos UTF-8. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an... • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17787 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17787
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. En GIMP 2.8.22, existe una sobrelectura de búfer basada en memoria dinámica (heap) en read_creator_block en plug-ins/common/file-psp.c. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code. • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2017-17789 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17789
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. En GIMP 2.8.22, existe un desbordamiento de búfer basado en memoria dinámica (heap) en read_channel_data en plug-ins/common/file-psp.c. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code. • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17788 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17788
20 Dec 2017 — In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. En GIMP 2.8.22, existe una sobrelectura de búfer basada en pila en xcf_load_stream en app/xcf/xcf.c cuando no hay un carácter "\0" después de la cadena version. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code. • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17785 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17785
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. En GIMP 2.8.22, existe un desbordamiento de búfer basado en memoria dinámica (heap) en la función fli_read_brun en plug-ins/file-fli/fli.c. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code. • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-17786 – Ubuntu Security Notice USN-3539-1
https://notcve.org/view.php?id=CVE-2017-17786
20 Dec 2017 — In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. En GIMP 2.8.22, existe una sobrelectura de búfer basada en memoria dinámica (heap) en ReadImage en plug-ins/common/file-tga.c (relacionado con bgr2rgb.part.1) mediante un valor bits-per-pixel no esperado para una imagen RGBA. It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a ... • http://www.openwall.com/lists/oss-security/2017/12/19/5 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-4994 – gimp: Use-after-free vulnerabilities in the channel and layer properties parsing process
https://notcve.org/view.php?id=CVE-2016-4994
01 Jul 2016 — Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file. Vulnerabilidad de uso después de liberación de memoria en la función xcf_load_image en app/xcf/xcf-load.c en GIMP permite a atacantes remotos provocar una denegación de servicio (caída de programa) o posiblemente ejecutar código arbitrario a través de un archivo XCF manipulado. Multiple use-af... • http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2013-1913 – gimp: xwd plugin g_new() integer overflow
https://notcve.org/view.php?id=CVE-2013-1913
04 Dec 2013 — Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump. Desbordamiento de enteros en la función load_image en file-xwd.c del plugin X Window Dump (XWD) de GIMP 2.6.9 y anteriores versiones, cuando se usa en glib anterior a la versión 2.24, permit... • http://rhn.redhat.com/errata/RHSA-2013-1778.html • CWE-190: Integer Overflow or Wraparound •