Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 41 results


CVE-2017-17786

Low priority

Some fixes available 1 of 4

In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2017-17785

Low priority

Some fixes available 1 of 4

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2017-17784

Low priority

Some fixes available 1 of 4

In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-4994

Medium priority
Fixed

Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp Fixed
Show less packages

CVE-2013-1953

Medium priority

Some fixes available 1 of 22

Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which...

3 affected packages

autotrace, gimp, sam2p

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
autotrace Not in release Not in release Not in release Not in release Not affected
gimp Not affected Not affected Not affected Not affected Not affected
sam2p Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2013-1978

Medium priority

Some fixes available 4 of 5

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code...

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp
Show less packages

CVE-2013-1913

Medium priority

Some fixes available 4 of 5

Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly...

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp
Show less packages

CVE-2012-5576

Medium priority

Some fixes available 4 of 5

Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green,...

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp
Show less packages

CVE-2012-4245

Low priority
Ignored

The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp
Show less packages

CVE-2012-3481

Medium priority

Some fixes available 4 of 5

Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute...

1 affected packages

gimp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gimp
Show less packages