Debian Gimp vulnerabilities

66 known vulnerabilities affecting debian/gimp.

Total CVEs: 66
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 24, MEDIUM 14, LOW 27

Vulnerabilities

Page 4 of 4
CVE-2007-2356 | MEDIUM | CVSS 6.8 | PoC | fixed in gimp 2.2.14-2 (bookworm) | 2007
CVE-2007-2356 [MEDIUM] gimp - Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
Scope: local
bookworm: resolved (fixed in 2.2.14-2)
bullseye: resolved (fixed in 2.2.14-2)
forky: resolved (fixed in 2.2.14-2)
sid: resolved (fixed in 2.2.14-2)
trixie: resolv
debian
CVE-2007-2949 | MEDIUM | CVSS 6.8 | fixed in gimp 2.2.16-1 (bookworm) | 2007
CVE-2007-2949 [MEDIUM] gimp - Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
Scope: local
bookworm: resolved (fixed in 2.2.16-1)
bullseye: resolved (fixed in 2.2.16-1)
forky: resolved (fixed in 2.2.16-1)
sid: resolved (fixed
debian
CVE-2007-3741 | LOW | CVSS 4.3 | fixed in gimp 2.2.17-1 (bookworm) | 2007
CVE-2007-3741 [MEDIUM] gimp - The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.
Scope: local
bookworm: resolved (fixed in 2.2.17-1)
bullseye: resolved (fixed in 2.2.17-1)
forky: resolved (fixed in 2.2.17-1)
sid: reso
debian
CVE-2007-3126 | LOW | CVSS 5.5 | fixed in gimp 2.8.22-1 (bookworm) | 2007
CVE-2007-3126 [MEDIUM] gimp - Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.
Scope: local
bookworm: resolved (fixed in 2.8.22-1)
bullseye: resolved (fixed in 2.8.22-1)
forky: resolved (fixed in 2.8.22-1)
sid: resolved (fixed in 2.8.22-1)
trixie: resolved (fix
debian
CVE-2006-4519 | MEDIUM | CVSS 6.8 | fixed in gimp 2.2.16-1 (bookworm) | 2006
CVE-2006-4519 [MEDIUM] gimp - Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
Scope: local
bookworm: resolved (fixed in 2.2.16-1)
bullseye: resolved (fixed in 2.2.16-1)
forky: resolved (fixed in 2.2.1
debian
CVE-2006-3404 | MEDIUM | CVSS 5.1 | fixed in gimp 2.2.11-3.1 (bookworm) | 2006
CVE-2006-3404 [MEDIUM] gimp - Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
Scope: local
bookworm: resolved (fixed in 2.2.11-3.1)
bullseye: resolved (fixed in 2.2.11-3.1)
forky: res
debian