Package Instance

reference_id

11822

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2368558

reference_url

reference_id

2368558

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2368558

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url

https://access.redhat.com/security/cve/CVE-2025-48797

reference_id

CVE-2025-48797

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

https://access.redhat.com/security/cve/CVE-2025-48797

reference_url

reference_id

RHSA-2025:9162

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9165

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9308

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9309

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9310

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9314

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9315

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9316

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9501

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

reference_url

reference_id

RHSA-2025:9569

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2356

reference_url	https://usn.ubuntu.com/8075-1/
reference_id	USN-8075-1
reference_type
scores
url	https://usn.ubuntu.com/8075-1/

fixed_packages

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.0.0~RC1-4?distro=trixie
purl	pkg:deb/debian/gimp@3.0.0~RC1-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.0~RC1-4%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2025-48797

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtpr-ndvm-5udg

url VCID-enq7-y48z-gybf

vulnerability_id VCID-enq7-y48z-gybf

summary

GIMP is vulnerable to a buffer overflow which may lead to the execution of
    arbitrary code.

references

reference_url	http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html
reference_id
reference_type
scores
url	http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2356.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2356.json

reference_url

reference_id

reference_type

scores

value	0.40424
scoring_system	epss
scoring_elements	0.97329
published_at	2026-04-01T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97362
published_at	2026-04-02T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97367
published_at	2026-04-07T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97374
published_at	2026-04-08T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97375
published_at	2026-04-09T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97377
published_at	2026-04-11T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97378
published_at	2026-04-12T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97379
published_at	2026-04-13T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.97387
published_at	2026-04-16T12:55:00Z

value	0.41011
scoring_system	epss
scoring_elements	0.9739
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2356

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238422
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238422

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356

reference_url	http://secunia.com/advisories/25012
reference_id
reference_type
scores
url	http://secunia.com/advisories/25012

reference_url	http://secunia.com/advisories/25111
reference_id
reference_type
scores
url	http://secunia.com/advisories/25111

reference_url	http://secunia.com/advisories/25167
reference_id
reference_type
scores
url	http://secunia.com/advisories/25167

reference_url	http://secunia.com/advisories/25239
reference_id
reference_type
scores
url	http://secunia.com/advisories/25239

reference_url	http://secunia.com/advisories/25346
reference_id
reference_type
scores
url	http://secunia.com/advisories/25346

reference_url	http://secunia.com/advisories/25359
reference_id
reference_type
scores
url	http://secunia.com/advisories/25359

reference_url	http://secunia.com/advisories/25466
reference_id
reference_type
scores
url	http://secunia.com/advisories/25466

reference_url	http://secunia.com/advisories/25573
reference_id
reference_type
scores
url	http://secunia.com/advisories/25573

reference_url	http://secunia.com/advisories/28114
reference_id
reference_type
scores
url	http://secunia.com/advisories/28114

reference_url	http://security.gentoo.org/glsa/glsa-200705-08.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200705-08.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/33911
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/33911

reference_url	https://issues.rpath.com/browse/RPL-1318
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1318

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10054
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10054

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5960
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5960

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1

reference_url	http://www.debian.org/security/2007/dsa-1301
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1301

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:108
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:108

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0343.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0343.html

reference_url	http://www.securityfocus.com/archive/1/467231/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/467231/100/0/threaded

reference_url	http://www.securityfocus.com/bid/23680
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/23680

reference_url	http://www.securitytracker.com/id?1018092
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018092

reference_url	http://www.ubuntu.com/usn/usn-467-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-467-1

reference_url	http://www.vupen.com/english/advisories/2007/1560
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1560

reference_url	http://www.vupen.com/english/advisories/2007/4241
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/4241

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=238420
reference_id	238420
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=238420

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.2.14:::::::*
reference_id	cpe:2.3:a:gimp:gimp:2.2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.2.14:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-2356

reference_id

CVE-2007-2356

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2007-2356

reference_url	https://security.gentoo.org/glsa/200705-08
reference_id	GLSA-200705-08
reference_type
scores
url	https://security.gentoo.org/glsa/200705-08

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/3801.c
reference_id	OSVDB-35417;CVE-2007-2356
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/3801.c

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/3888.c
reference_id	OSVDB-35417;CVE-2007-2356
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/3888.c

reference_url	https://access.redhat.com/errata/RHSA-2007:0343
reference_id	RHSA-2007:0343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0343

reference_url	https://usn.ubuntu.com/467-1/
reference_id	USN-467-1
reference_type
scores
url	https://usn.ubuntu.com/467-1/

fixed_packages

url	pkg:deb/debian/gimp@2.2.14-2?distro=trixie
purl	pkg:deb/debian/gimp@2.2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.2.14-2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2007-2356

risk_score 10.0

exploitability 2.0

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enq7-y48z-gybf

url VCID-eybg-sjmd-q7a2

vulnerability_id VCID-eybg-sjmd-q7a2

summary Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44443.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44443.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-44443

reference_id

reference_type

scores

value	0.63756
scoring_system	epss
scoring_elements	0.98408
published_at	2026-04-02T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98425
published_at	2026-04-21T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98414
published_at	2026-04-07T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98417
published_at	2026-04-08T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98418
published_at	2026-04-09T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98421
published_at	2026-04-13T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98426
published_at	2026-04-16T12:55:00Z

value	0.63756
scoring_system	epss
scoring_elements	0.98411
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-44443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984
reference_id	1055984
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2249944
reference_id	2249944
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2249944

reference_url

https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/

reference_id

gimp-2-10-36-released

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T17:14:40Z/

url

https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/

reference_url	https://security.gentoo.org/glsa/202501-02
reference_id	GLSA-202501-02
reference_type
scores
url	https://security.gentoo.org/glsa/202501-02

reference_url	https://access.redhat.com/errata/RHSA-2024:0675
reference_id	RHSA-2024:0675
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0675

reference_url	https://access.redhat.com/errata/RHSA-2024:0702
reference_id	RHSA-2024:0702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0702

reference_url	https://access.redhat.com/errata/RHSA-2024:0716
reference_id	RHSA-2024:0716
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0716

reference_url	https://access.redhat.com/errata/RHSA-2025:0746
reference_id	RHSA-2025:0746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0746

reference_url	https://access.redhat.com/errata/RHSA-2025:3617
reference_id	RHSA-2025:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3617

reference_url	https://access.redhat.com/errata/RHSA-2025:3629
reference_id	RHSA-2025:3629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3629

reference_url	https://access.redhat.com/errata/RHSA-2025:7417
reference_id	RHSA-2025:7417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7417

reference_url	https://usn.ubuntu.com/6521-1/
reference_id	USN-6521-1
reference_type
scores
url	https://usn.ubuntu.com/6521-1/

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-23-1593/

reference_id

ZDI-23-1593

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T17:14:40Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-23-1593/

fixed_packages

url	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.36-1?distro=trixie
purl	pkg:deb/debian/gimp@2.10.36-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.36-1%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2023-44443, ZDI-CAN-22096

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eybg-sjmd-q7a2

url VCID-fraw-9hj8-vbhs

vulnerability_id VCID-fraw-9hj8-vbhs

summary gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40915.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40915.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40915

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.04093
published_at	2026-04-18T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04085
published_at	2026-04-16T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06827
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40915

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40915
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40915

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2458744

reference_id

2458744

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:32:48Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2458744

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2026-40915

reference_id

CVE-2026-40915

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:32:48Z/

url

https://access.redhat.com/security/cve/CVE-2026-40915

fixed_packages

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2026-40915

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fraw-9hj8-vbhs

url VCID-fta8-9na3-u3hb

vulnerability_id VCID-fta8-9na3-u3hb

summary several

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1913.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1913.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1913

reference_id

reference_type

scores

value	0.02017
scoring_system	epss
scoring_elements	0.83676
published_at	2026-04-01T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83689
published_at	2026-04-02T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83703
published_at	2026-04-04T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83705
published_at	2026-04-07T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83729
published_at	2026-04-08T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83736
published_at	2026-04-09T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83752
published_at	2026-04-11T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83746
published_at	2026-04-12T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83741
published_at	2026-04-13T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83775
published_at	2026-04-16T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83776
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731305
reference_id	731305
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731305

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=947868
reference_id	947868
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=947868

reference_url	https://security.gentoo.org/glsa/201603-01
reference_id	GLSA-201603-01
reference_type
scores
url	https://security.gentoo.org/glsa/201603-01

reference_url	https://access.redhat.com/errata/RHSA-2013:1778
reference_id	RHSA-2013:1778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1778

reference_url	https://usn.ubuntu.com/2051-1/
reference_id	USN-2051-1
reference_type
scores
url	https://usn.ubuntu.com/2051-1/

fixed_packages

url	pkg:deb/debian/gimp@2.8.10-0.1?distro=trixie
purl	pkg:deb/debian/gimp@2.8.10-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.10-0.1%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2013-1913

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fta8-9na3-u3hb

url VCID-g7zy-qgvc-cueg

vulnerability_id VCID-g7zy-qgvc-cueg

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17784.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17784

reference_id

reference_type

scores

value	0.00448
scoring_system	epss
scoring_elements	0.63464
published_at	2026-04-01T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63579
published_at	2026-04-21T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.636
published_at	2026-04-11T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63585
published_at	2026-04-12T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63588
published_at	2026-04-16T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63596
published_at	2026-04-18T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63524
published_at	2026-04-02T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63551
published_at	2026-04-13T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63516
published_at	2026-04-07T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63567
published_at	2026-04-08T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.63584
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17784

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=790784
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=790784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html

reference_url	https://www.debian.org/security/2017/dsa-4077
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4077

reference_url	http://www.openwall.com/lists/oss-security/2017/12/19/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/12/19/5

reference_url	http://www.securityfocus.com/bid/102899
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102899

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1529144
reference_id	1529144
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1529144

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884925
reference_id	884925
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884925

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:::::::*
reference_id	cpe:2.3:a:gimp:gimp:2.8.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17784

reference_id

CVE-2017-17784

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17784

reference_url	https://usn.ubuntu.com/3539-1/
reference_id	USN-3539-1
reference_type
scores
url	https://usn.ubuntu.com/3539-1/

fixed_packages

url	pkg:deb/debian/gimp@2.8.20-1.1?distro=trixie
purl	pkg:deb/debian/gimp@2.8.20-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.20-1.1%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2017-17784

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g7zy-qgvc-cueg

url VCID-gdxp-wy9y-m3h1

vulnerability_id VCID-gdxp-wy9y-m3h1

summary gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10922.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10922.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-10922

reference_id

reference_type

scores

value	0.00077
scoring_system	epss
scoring_elements	0.23142
published_at	2026-04-02T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22975
published_at	2026-04-07T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23186
published_at	2026-04-04T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25789
published_at	2026-04-16T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25842
published_at	2026-04-12T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25786
published_at	2026-04-13T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25772
published_at	2026-04-18T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25744
published_at	2026-04-21T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25821
published_at	2026-04-08T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25873
published_at	2026-04-09T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25883
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-10922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10922

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116459
reference_id	1116459
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116459

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2407188
reference_id	2407188
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2407188

reference_url

https://gitlab.gnome.org/GNOME/gimp/-/commit/3d909166463731e94dfe62042d76225ecfc4c1e4

reference_id

3d909166463731e94dfe62042d76225ecfc4c1e4

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-30T03:56:09Z/

url

https://gitlab.gnome.org/GNOME/gimp/-/commit/3d909166463731e94dfe62042d76225ecfc4c1e4

reference_url	https://access.redhat.com/errata/RHSA-2025:21968
reference_id	RHSA-2025:21968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21968

reference_url	https://access.redhat.com/errata/RHSA-2025:22417
reference_id	RHSA-2025:22417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22417

reference_url	https://access.redhat.com/errata/RHSA-2025:22445
reference_id	RHSA-2025:22445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22445

reference_url	https://access.redhat.com/errata/RHSA-2025:22496
reference_id	RHSA-2025:22496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22496

reference_url	https://access.redhat.com/errata/RHSA-2025:22497
reference_id	RHSA-2025:22497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22497

reference_url	https://access.redhat.com/errata/RHSA-2025:22498
reference_id	RHSA-2025:22498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22498

reference_url	https://access.redhat.com/errata/RHSA-2025:22866
reference_id	RHSA-2025:22866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22866

reference_url	https://access.redhat.com/errata/RHSA-2025:23857
reference_id	RHSA-2025:23857
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23857

reference_url	https://access.redhat.com/errata/RHSA-2026:0027
reference_id	RHSA-2026:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0027

reference_url	https://access.redhat.com/errata/RHSA-2026:0250
reference_id	RHSA-2026:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0250

reference_url	https://access.redhat.com/errata/RHSA-2026:0356
reference_id	RHSA-2026:0356
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0356

reference_url	https://usn.ubuntu.com/8057-1/
reference_id	USN-8057-1
reference_type
scores
url	https://usn.ubuntu.com/8057-1/

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-25-911/

reference_id

ZDI-25-911

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-30T03:56:09Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-25-911/

fixed_packages

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.0.4-6.1?distro=trixie
purl	pkg:deb/debian/gimp@3.0.4-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-6.1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2025-10922

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdxp-wy9y-m3h1

url VCID-gfzg-1hvp-5ugd

vulnerability_id VCID-gfzg-1hvp-5ugd

summary gimp: predictable temporary file name in test-xcf.c unit test

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12713.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12713.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12713

reference_id

reference_type

scores

value	0.0032
scoring_system	epss
scoring_elements	0.54942
published_at	2026-04-01T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55098
published_at	2026-04-08T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55047
published_at	2026-04-02T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55072
published_at	2026-04-04T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55048
published_at	2026-04-07T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55097
published_at	2026-04-09T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55109
published_at	2026-04-11T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55089
published_at	2026-04-12T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58962
published_at	2026-04-18T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58958
published_at	2026-04-16T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.5894
published_at	2026-04-21T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58924
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12713

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/GNOME/gimp/commit/c21eff4b031acb04fb4dfce8bd5fdfecc2b6524f
reference_id
reference_type
scores
url	https://github.com/GNOME/gimp/commit/c21eff4b031acb04fb4dfce8bd5fdfecc2b6524f

reference_url	https://gitlab.gnome.org/GNOME/gimp/issues/1689
reference_id
reference_type
scores
url	https://gitlab.gnome.org/GNOME/gimp/issues/1689

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1595819
reference_id	1595819
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1595819

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp::::::::
reference_id	cpe:2.3:a:gimp:gimp::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12713

reference_id

CVE-2018-12713

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12713

fixed_packages

url	pkg:deb/debian/gimp@3.0.0~RC1-4?distro=trixie
purl	pkg:deb/debian/gimp@3.0.0~RC1-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.0~RC1-4%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2018-12713

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzg-1hvp-5ugd

url VCID-gsc3-uhzs-5uf7

vulnerability_id VCID-gsc3-uhzs-5uf7

summary gimp: GIMP: Denial of Service via crafted PVR image file

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40918.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40918.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40918

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.02079
published_at	2026-04-18T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02065
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.0503
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40918

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2458747

reference_id

2458747

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:13:07Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2458747

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2026-40918

reference_id

CVE-2026-40918

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:13:07Z/

url

https://access.redhat.com/security/cve/CVE-2026-40918

fixed_packages

url	pkg:deb/debian/gimp@0?distro=trixie
purl	pkg:deb/debian/gimp@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@0%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2026-40918

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsc3-uhzs-5uf7

url VCID-hj85-sup9-abft

vulnerability_id VCID-hj85-sup9-abft

summary gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4887.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4887.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4887

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.196
published_at	2026-04-21T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.25065
published_at	2026-04-02T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.25006
published_at	2026-04-11T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24965
published_at	2026-04-12T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24911
published_at	2026-04-13T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24924
published_at	2026-04-16T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24916
published_at	2026-04-18T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.25103
published_at	2026-04-04T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24878
published_at	2026-04-07T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24947
published_at	2026-04-08T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24992
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4887

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4887
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4887

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.gnome.org/GNOME/gimp/-/issues/15960

reference_id

15960

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:58:38Z/

url

https://gitlab.gnome.org/GNOME/gimp/-/issues/15960

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2451669

reference_id

2451669

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:58:38Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2451669

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2026-4887

reference_id

CVE-2026-4887

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:58:38Z/

url

https://access.redhat.com/security/cve/CVE-2026-4887

fixed_packages

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2026-4887

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hj85-sup9-abft

url VCID-hkc8-4uw7-2yc3

vulnerability_id VCID-hkc8-4uw7-2yc3

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17788.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17788.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17788

reference_id

reference_type

scores

value	0.005
scoring_system	epss
scoring_elements	0.65887
published_at	2026-04-01T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66
published_at	2026-04-21T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65994
published_at	2026-04-12T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65964
published_at	2026-04-13T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65998
published_at	2026-04-16T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66012
published_at	2026-04-18T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65928
published_at	2026-04-02T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65958
published_at	2026-04-04T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65925
published_at	2026-04-07T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65976
published_at	2026-04-08T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65988
published_at	2026-04-09T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66007
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17788

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=790783
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=790783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html

reference_url	https://www.debian.org/security/2017/dsa-4077
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4077

reference_url	http://www.openwall.com/lists/oss-security/2017/12/19/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2017/12/19/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1529141
reference_id	1529141
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1529141

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885347
reference_id	885347
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885347

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:::::::*
reference_id	cpe:2.3:a:gimp:gimp:2.8.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17788

reference_id

CVE-2017-17788

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17788

reference_url	https://usn.ubuntu.com/3539-1/
reference_id	USN-3539-1
reference_type
scores
url	https://usn.ubuntu.com/3539-1/

fixed_packages

url	pkg:deb/debian/gimp@2.8.20-1.1?distro=trixie
purl	pkg:deb/debian/gimp@2.8.20-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.20-1.1%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2017-17788

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkc8-4uw7-2yc3

url VCID-hrab-t25s-5ybg

vulnerability_id VCID-hrab-t25s-5ybg

summary gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based buffer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14425.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14425.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-14425

reference_id

reference_type

scores

value	0.00105
scoring_system	epss
scoring_elements	0.28681
published_at	2026-04-02T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28498
published_at	2026-04-21T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28643
published_at	2026-04-11T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28599
published_at	2026-04-12T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28551
published_at	2026-04-13T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28571
published_at	2026-04-16T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28546
published_at	2026-04-18T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2873
published_at	2026-04-04T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28536
published_at	2026-04-07T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28601
published_at	2026-04-08T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28642
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-14425

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14425
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14425

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2424767
reference_id	2424767
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2424767

reference_url

https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd

reference_id

cd1c88a0364ad1444c06536731972a99bd8643fd

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-02T14:03:55Z/

url

https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd

reference_url	https://access.redhat.com/errata/RHSA-2026:0914
reference_id	RHSA-2026:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0914

reference_url	https://access.redhat.com/errata/RHSA-2026:1511
reference_id	RHSA-2026:1511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1511

reference_url	https://access.redhat.com/errata/RHSA-2026:1585
reference_id	RHSA-2026:1585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1585

reference_url	https://access.redhat.com/errata/RHSA-2026:1586
reference_id	RHSA-2026:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1586

reference_url	https://access.redhat.com/errata/RHSA-2026:1587
reference_id	RHSA-2026:1587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1587

reference_url	https://usn.ubuntu.com/8057-1/
reference_id	USN-8057-1
reference_type
scores
url	https://usn.ubuntu.com/8057-1/

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-25-1139/

reference_id

ZDI-25-1139

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-02T14:03:55Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-25-1139/

fixed_packages

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u5?distro=trixie
purl	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u4?distro=trixie
purl	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u4%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0~RC2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0~RC2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0~RC2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2025-14425

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hrab-t25s-5ybg

url VCID-j13x-yf4j-bygr

vulnerability_id VCID-j13x-yf4j-bygr

summary gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10923.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10923.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-10923

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.17679
published_at	2026-04-02T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17445
published_at	2026-04-07T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17725
published_at	2026-04-04T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20488
published_at	2026-04-16T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.2055
published_at	2026-04-12T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20498
published_at	2026-04-13T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20487
published_at	2026-04-18T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20483
published_at	2026-04-21T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20515
published_at	2026-04-08T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20572
published_at	2026-04-09T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20594
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-10923

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116460
reference_id	1116460
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116460

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2407192
reference_id	2407192
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2407192

reference_url

https://gitlab.gnome.org/GNOME/gimp/-/commit/2d2d39f3da1d0b01ca7d71ad2b7a8725ee92ed96

reference_id

2d2d39f3da1d0b01ca7d71ad2b7a8725ee92ed96

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:15Z/

url

https://gitlab.gnome.org/GNOME/gimp/-/commit/2d2d39f3da1d0b01ca7d71ad2b7a8725ee92ed96

reference_url	https://access.redhat.com/errata/RHSA-2025:21968
reference_id	RHSA-2025:21968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21968

reference_url	https://access.redhat.com/errata/RHSA-2025:22417
reference_id	RHSA-2025:22417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22417

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-25-912/

reference_id

ZDI-25-912

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:15Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-25-912/

fixed_packages

url	pkg:deb/debian/gimp@0?distro=trixie
purl	pkg:deb/debian/gimp@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@0%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.0.4-6.1?distro=trixie
purl	pkg:deb/debian/gimp@3.0.4-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-6.1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2025-10923

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j13x-yf4j-bygr

url VCID-jy45-8uuz-y7bf

vulnerability_id VCID-jy45-8uuz-y7bf

summary gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0797.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-0797

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11075
published_at	2026-04-02T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.1102
published_at	2026-04-21T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11093
published_at	2026-04-11T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11061
published_at	2026-04-12T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11039
published_at	2026-04-13T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.10893
published_at	2026-04-16T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.10903
published_at	2026-04-18T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11138
published_at	2026-04-04T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.10958
published_at	2026-04-07T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11036
published_at	2026-04-08T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.1109
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-0797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0797

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128601
reference_id	1128601
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128601

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2441524
reference_id	2441524
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2441524

reference_url

https://gitlab.gnome.org/GNOME/gimp/-/commit/69cc6b1a6645dc9c4d7b484483dbe6a84b922b9c

reference_id

69cc6b1a6645dc9c4d7b484483dbe6a84b922b9c

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:45Z/

url

https://gitlab.gnome.org/GNOME/gimp/-/commit/69cc6b1a6645dc9c4d7b484483dbe6a84b922b9c

reference_url	https://access.redhat.com/errata/RHSA-2026:4173
reference_id	RHSA-2026:4173
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4173

reference_url	https://access.redhat.com/errata/RHSA-2026:5113
reference_id	RHSA-2026:5113
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5113

reference_url	https://access.redhat.com/errata/RHSA-2026:5388
reference_id	RHSA-2026:5388
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5388

reference_url	https://access.redhat.com/errata/RHSA-2026:5389
reference_id	RHSA-2026:5389
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5389

reference_url	https://access.redhat.com/errata/RHSA-2026:5390
reference_id	RHSA-2026:5390
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5390

reference_url	https://access.redhat.com/errata/RHSA-2026:5391
reference_id	RHSA-2026:5391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5391

reference_url	https://access.redhat.com/errata/RHSA-2026:5434
reference_id	RHSA-2026:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5434

reference_url	https://access.redhat.com/errata/RHSA-2026:5435
reference_id	RHSA-2026:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5435

reference_url	https://access.redhat.com/errata/RHSA-2026:5436
reference_id	RHSA-2026:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5436

reference_url	https://access.redhat.com/errata/RHSA-2026:5437
reference_id	RHSA-2026:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5437

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-26-050/

reference_id

ZDI-26-050

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:45Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-26-050/

fixed_packages

url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-3sqk-cbwn-tqa7

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u7?distro=trixie
purl	pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u7%3Fdistro=trixie

url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-gfzg-1hvp-5ugd

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u9?distro=trixie
purl	pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u9%3Fdistro=trixie

url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hm4-srhz-tqhb

vulnerability	VCID-9v2z-2myu-bfd3

vulnerability	VCID-d967-53mv-13b6

vulnerability	VCID-dkmg-nu4f-xbay

vulnerability	VCID-fraw-9hj8-vbhs

vulnerability	VCID-hj85-sup9-abft

vulnerability	VCID-ney7-z8qy-kuce

vulnerability	VCID-rw3k-nfe2-4qd2

vulnerability	VCID-va44-vsem-xuf5

vulnerability	VCID-wkrp-v537-x3hy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0~RC3-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0~RC3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0~RC3-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl	pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie

aliases CVE-2026-0797

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jy45-8uuz-y7bf

url VCID-krn9-65fh-sqgq

vulnerability_id VCID-krn9-65fh-sqgq

summary gimp: Multiple use after free in XCF parser

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48798.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-48798

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.24168
published_at	2026-04-21T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24345
published_at	2026-04-02T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24288
published_at	2026-04-11T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24245
published_at	2026-04-12T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24188
published_at	2026-04-13T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24204
published_at	2026-04-16T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24191
published_at	2026-04-18T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24378
published_at	2026-04-04T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24161
published_at	2026-04-07T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24228
published_at	2026-04-08T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24271
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-48798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48798

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

11822

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2368557

reference_url

reference_id

2368557

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2368557

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url

https://access.redhat.com/security/cve/CVE-2025-48798

reference_id

CVE-2025-48798

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

https://access.redhat.com/security/cve/CVE-2025-48798

reference_url

reference_id

RHSA-2025:9162

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9165

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9308

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9309

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9310

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9314

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9315

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9316

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9501

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url

reference_url

reference_id

RHSA-2025:9569

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/

url