VulnerableCode Package Details - pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7

Essentials
History (21)

purl	pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7

Next non-vulnerable version	3.0.4-3+deb13u8
Latest non-vulnerable version	3.2.2-1
Risk	3.5

Vulnerabilities affecting this package (10)

Vulnerability	Summary	Fixed by
VCID-1hm4-srhz-tqhb Aliases: CVE-2026-2046		3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-9v2z-2myu-bfd3 Aliases: CVE-2026-4154		3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-d967-53mv-13b6 Aliases: CVE-2026-4152	GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863.	3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-dkmg-nu4f-xbay Aliases: CVE-2026-4150		3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-fraw-9hj8-vbhs Aliases: CVE-2026-40915	gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader	3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-hj85-sup9-abft Aliases: CVE-2026-4887	gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image	3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-ney7-z8qy-kuce Aliases: CVE-2026-4153		3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-rw3k-nfe2-4qd2 Aliases: CVE-2025-10925	gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability	3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-va44-vsem-xuf5 Aliases: CVE-2026-4151		3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.
VCID-wkrp-v537-x3hy Aliases: CVE-2026-6384	gimp: GIMP: Arbitrary code execution or denial of service via buffer overflow in GIF image processing	3.0.4-3+deb13u8 Affected by 0 other vulnerabilities. 3.2.2-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-19T02:14:59.581163+00:00	Debian Importer	Affected by	VCID-wkrp-v537-x3hy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-19T01:07:42.325201+00:00	Debian Importer	Affected by	VCID-fraw-9hj8-vbhs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:43:11.261774+00:00	Debian Importer	Affected by	VCID-d967-53mv-13b6	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:54:54.350339+00:00	Debian Importer	Affected by	VCID-1hm4-srhz-tqhb	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:52:39.892179+00:00	Debian Importer	Affected by	VCID-9v2z-2myu-bfd3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:35:17.338662+00:00	Debian Importer	Affected by	VCID-va44-vsem-xuf5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:17:53.112590+00:00	Debian Importer	Affected by	VCID-ney7-z8qy-kuce	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:14:37.325497+00:00	Debian Importer	Affected by	VCID-rw3k-nfe2-4qd2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:50:16.265306+00:00	Debian Importer	Affected by	VCID-hj85-sup9-abft	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:42:53.797001+00:00	Debian Importer	Affected by	VCID-dkmg-nu4f-xbay	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:59:17.950980+00:00	Debian Importer	Affected by	VCID-d967-53mv-13b6	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:23:53.769014+00:00	Debian Importer	Affected by	VCID-1hm4-srhz-tqhb	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:22:08.254275+00:00	Debian Importer	Affected by	VCID-9v2z-2myu-bfd3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:09:13.630767+00:00	Debian Importer	Affected by	VCID-va44-vsem-xuf5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:09:47.255259+00:00	Debian Importer	Affected by	VCID-ney7-z8qy-kuce	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T05:42:18.776186+00:00	Debian Importer	Affected by	VCID-dkmg-nu4f-xbay	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:10:52.974777+00:00	Debian Importer	Affected by	VCID-rw3k-nfe2-4qd2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:56:15.417136+00:00	Debian Importer	Affected by	VCID-hj85-sup9-abft	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T18:54:57.353367+00:00	Debian Importer	Affected by	VCID-1hm4-srhz-tqhb	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-07T05:58:01.706662+00:00	Debian Importer	Affected by	VCID-hj85-sup9-abft	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-04T17:59:35.880605+00:00	Debian Importer	Affected by	VCID-rw3k-nfe2-4qd2	https://security-tracker.debian.org/tracker/data/json	38.1.0