CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32990 – gimp: unhandled exception via a crafted XCF file may lead to DoS
https://notcve.org/view.php?id=CVE-2022-32990
24 Jun 2022 — An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS). Un problema en la función gimp_layer_invalidate_boundary de GNOME GIMP versión 2.10.30, permite a atacantes desencadenar una excepción no manejada por medio de un archivo XCF diseñado, causando una Denegación de Servicio (DoS) A vulnerability was found in GIMP when loading a specially crafted XCF file. Due to an incorrect function retu... • https://gitlab.gnome.org/GNOME/gimp/-/issues/8230 • CWE-125: Out-of-bounds Read CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2022-30067 – gimp: buffer overflow through a crafted XCF file
https://notcve.org/view.php?id=CVE-2022-30067
17 May 2022 — GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. GIMP versiones 2.10.30 y 2.99.10, son vulnerables a un Desbordamiento del Búfer. Mediante un archivo XCF diseñado, el programa asignará una gran cantidad de memoria, resultando en una memoria insuficiente o en un bloqueo del programa A vulnerability was found in GIMP. Via a specially crafted XCF file, GIMP can alloca... • https://gitlab.gnome.org/GNOME/gimp/-/issues/8120 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •