CVE-2022-30067
published 2022-05-17CVE-2022-30067: GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gimp | < gimp 2.10.32-1 (bookworm) | gimp 2.10.32-1 (bookworm) |
| gimp | gimp | — | — |
| gimp | gimp | — | — |
| gimp | gimp | >= 0 < 2.10.22-4+deb11u5 | 2.10.22-4+deb11u5 |
| gimp | gimp | >= 0 < 2.10.32-1 | 2.10.32-1 |
| gimp | gimp | >= 0 < 2.10.32-1 | 2.10.32-1 |
| gimp | gimp | >= 0 < 2.10.32-1 | 2.10.32-1 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM