Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/gimp@3.0.4-3?distro=trixie
Typedeb
Namespacedebian
Namegimp
Version3.0.4-3
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.0.4-3+deb13u1
Latest_non_vulnerable_version3.2.4-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-81y4-4cxp-bybu
vulnerability_id VCID-81y4-4cxp-bybu
summary GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-2760
reference_id
reference_type
scores
0
value 0.00451
scoring_system epss
scoring_elements 0.63744
published_at 2026-04-24T12:55:00Z
1
value 0.00451
scoring_system epss
scoring_elements 0.63674
published_at 2026-04-02T12:55:00Z
2
value 0.00451
scoring_system epss
scoring_elements 0.6373
published_at 2026-04-16T12:55:00Z
3
value 0.00451
scoring_system epss
scoring_elements 0.6374
published_at 2026-04-18T12:55:00Z
4
value 0.00451
scoring_system epss
scoring_elements 0.63726
published_at 2026-04-21T12:55:00Z
5
value 0.00451
scoring_system epss
scoring_elements 0.637
published_at 2026-04-04T12:55:00Z
6
value 0.00451
scoring_system epss
scoring_elements 0.6366
published_at 2026-04-07T12:55:00Z
7
value 0.00451
scoring_system epss
scoring_elements 0.63712
published_at 2026-04-08T12:55:00Z
8
value 0.00451
scoring_system epss
scoring_elements 0.63729
published_at 2026-04-09T12:55:00Z
9
value 0.00451
scoring_system epss
scoring_elements 0.63743
published_at 2026-04-11T12:55:00Z
10
value 0.00451
scoring_system epss
scoring_elements 0.63728
published_at 2026-04-12T12:55:00Z
11
value 0.00451
scoring_system epss
scoring_elements 0.63695
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-2760
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2760
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107758
reference_id 1107758
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107758
4
reference_url https://usn.ubuntu.com/8075-1/
reference_id USN-8075-1
reference_type
scores
url https://usn.ubuntu.com/8075-1/
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-203/
reference_id ZDI-25-203
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T18:26:53Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-203/
fixed_packages
0
url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hm4-srhz-tqhb
1
vulnerability VCID-3sqk-cbwn-tqa7
2
vulnerability VCID-9v2z-2myu-bfd3
3
vulnerability VCID-d967-53mv-13b6
4
vulnerability VCID-dkmg-nu4f-xbay
5
vulnerability VCID-fraw-9hj8-vbhs
6
vulnerability VCID-gfzg-1hvp-5ugd
7
vulnerability VCID-hj85-sup9-abft
8
vulnerability VCID-ney7-z8qy-kuce
9
vulnerability VCID-va44-vsem-xuf5
10
vulnerability VCID-wkrp-v537-x3hy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hm4-srhz-tqhb
1
vulnerability VCID-9v2z-2myu-bfd3
2
vulnerability VCID-d967-53mv-13b6
3
vulnerability VCID-dkmg-nu4f-xbay
4
vulnerability VCID-fraw-9hj8-vbhs
5
vulnerability VCID-gfzg-1hvp-5ugd
6
vulnerability VCID-hj85-sup9-abft
7
vulnerability VCID-ney7-z8qy-kuce
8
vulnerability VCID-va44-vsem-xuf5
9
vulnerability VCID-wkrp-v537-x3hy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5%3Fdistro=trixie
4
url pkg:deb/debian/gimp@3.0.4-3?distro=trixie
purl pkg:deb/debian/gimp@3.0.4-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%3Fdistro=trixie
5
url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hm4-srhz-tqhb
1
vulnerability VCID-9v2z-2myu-bfd3
2
vulnerability VCID-d967-53mv-13b6
3
vulnerability VCID-dkmg-nu4f-xbay
4
vulnerability VCID-fraw-9hj8-vbhs
5
vulnerability VCID-hj85-sup9-abft
6
vulnerability VCID-ney7-z8qy-kuce
7
vulnerability VCID-rw3k-nfe2-4qd2
8
vulnerability VCID-va44-vsem-xuf5
9
vulnerability VCID-wkrp-v537-x3hy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie
7
url pkg:deb/debian/gimp@3.2.2-1?distro=trixie
purl pkg:deb/debian/gimp@3.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1%3Fdistro=trixie
8
url pkg:deb/debian/gimp@3.2.4-1?distro=trixie
purl pkg:deb/debian/gimp@3.2.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-1%3Fdistro=trixie
aliases CVE-2025-2760
risk_score 2.4
exploitability 0.5
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81y4-4cxp-bybu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%3Fdistro=trixie