Search for packages
| purl | pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5 |
| Next non-vulnerable version | 2.10.34-1+deb12u10 |
| Latest non-vulnerable version | 3.2.2-1 |
| Risk | 4.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1hm4-srhz-tqhb
Aliases: CVE-2026-2046 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-9v2z-2myu-bfd3
Aliases: CVE-2026-4154 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-d967-53mv-13b6
Aliases: CVE-2026-4152 |
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dkmg-nu4f-xbay
Aliases: CVE-2026-4150 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-fraw-9hj8-vbhs
Aliases: CVE-2026-40915 |
gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-gfzg-1hvp-5ugd
Aliases: CVE-2018-12713 |
gimp: predictable temporary file name in test-xcf.c unit test |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-hj85-sup9-abft
Aliases: CVE-2026-4887 |
gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ney7-z8qy-kuce
Aliases: CVE-2026-4153 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-va44-vsem-xuf5
Aliases: CVE-2026-4151 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-wkrp-v537-x3hy
Aliases: CVE-2026-6384 |
gimp: GIMP: Arbitrary code execution or denial of service via buffer overflow in GIF image processing |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1w47-u2aa-8uaj | gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing |
CVE-2026-2045
|
| VCID-2k57-pmhe-9uds | GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100. |
CVE-2025-2761
|
| VCID-2p8s-2h2y-aqg4 | gimp: GIMP: Denial of service via crafted PSP image file |
CVE-2026-2271
|
| VCID-2yr2-zppt-47eq | gimp: heap-based buffer overflow via specially crafted PSP file |
CVE-2025-15059
|
| VCID-3sqk-cbwn-tqa7 | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2022-32990
|
| VCID-81y4-4cxp-bybu | GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082. |
CVE-2025-2760
|
| VCID-99yx-7yr3-dfht | gimp: GIMP ICO File Parsing Integer Overflow |
CVE-2025-5473
|
| VCID-bhsc-qy1f-27dj | gimp: Gimp Integer Overflow |
CVE-2025-6035
|
| VCID-d967-53mv-13b6 | GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863. |
CVE-2026-4152
|
| VCID-dav9-9ar6-gkbn | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2022-30067
|
| VCID-dkmg-nu4f-xbay |
CVE-2026-4150
|
|
| VCID-dtpr-ndvm-5udg | gimp: Multiple heap buffer overflows in TGA parser |
CVE-2025-48797
|
| VCID-gdxp-wy9y-m3h1 | gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVE-2025-10922
|
| VCID-hrab-t25s-5ybg | gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based buffer overflow |
CVE-2025-14425
|
| VCID-jy45-8uuz-y7bf | gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability |
CVE-2026-0797
|
| VCID-krn9-65fh-sqgq | gimp: Multiple use after free in XCF parser |
CVE-2025-48798
|
| VCID-ney7-z8qy-kuce |
CVE-2026-4153
|
|
| VCID-qsyr-7tn1-uyhv | gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow |
CVE-2026-2239
|
| VCID-rraw-1e9t-x3f3 | gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability |
CVE-2026-2048
|
| VCID-tth9-nncy-5qap | gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow |
CVE-2025-14422
|
| VCID-ubet-venh-tqct | gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing |
CVE-2026-2044
|
| VCID-uujf-3fhp-8fgg | gimp: GIMP: Memory corruption due to integer overflow in ICO file handling |
CVE-2026-2272
|
| VCID-z2up-g7ms-gfg2 | A vulnerability has been discovered in GIMP, which can lead to execution of arbitrary code. |
CVE-2025-10934
|