Search for packages
| purl | pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u7?distro=trixie |
| Next non-vulnerable version | 3.0.4-3+deb13u8 |
| Latest non-vulnerable version | 3.2.4-1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1hm4-srhz-tqhb
Aliases: CVE-2026-2046 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-9v2z-2myu-bfd3
Aliases: CVE-2026-4154 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-d967-53mv-13b6
Aliases: CVE-2026-4152 |
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dkmg-nu4f-xbay
Aliases: CVE-2026-4150 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-fraw-9hj8-vbhs
Aliases: CVE-2026-40915 |
gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-hj85-sup9-abft
Aliases: CVE-2026-4887 |
gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ney7-z8qy-kuce
Aliases: CVE-2026-4153 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-rw3k-nfe2-4qd2
Aliases: CVE-2025-10925 |
gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-va44-vsem-xuf5
Aliases: CVE-2026-4151 |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-wkrp-v537-x3hy
Aliases: CVE-2026-6384 |
gimp: GIMP: Arbitrary code execution or denial of service via buffer overflow in GIF image processing |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1da3-1t47-4ygh | Multiple vulnerabilities have been discovered in GIMP, allowing for the remote execution of arbitrary code. |
CVE-2006-4519
|
| VCID-1p16-e8n6-1qcg | gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing |
CVE-2026-2047
|
| VCID-1w47-u2aa-8uaj | gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing |
CVE-2026-2045
|
| VCID-23ev-8ph6-qyd8 | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2010-4540
|
| VCID-2k57-pmhe-9uds | GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100. |
CVE-2025-2761
|
| VCID-2p8s-2h2y-aqg4 | gimp: GIMP: Denial of service via crafted PSP image file |
CVE-2026-2271
|
| VCID-2yr2-zppt-47eq | gimp: heap-based buffer overflow via specially crafted PSP file |
CVE-2025-15059
|
| VCID-35p4-a8t3-f3g1 | security update |
CVE-2016-4994
|
| VCID-3sqk-cbwn-tqa7 | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2022-32990
|
| VCID-4wae-t183-yydb | security update |
CVE-2017-17789
|
| VCID-5ds4-62sx-xud3 | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2009-1570
|
| VCID-5yx1-7s7z-m3ar | gimp: NULL pointer deref crash when reading FIT file with crafted XTENSION header |
CVE-2012-3236
|
| VCID-6j1w-qaak-rydj | gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability |
CVE-2025-10924
|
| VCID-6uzq-6ejf-kudc | autotrace: buffer overflow when parsing BMP files |
CVE-2013-1953
|
| VCID-6yt4-22x4-2kdk | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code. |
CVE-2012-3481
|
| VCID-81y4-4cxp-bybu | GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082. |
CVE-2025-2760
|
| VCID-8fnp-pegd-vkf3 | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2012-3402
|
| VCID-99yx-7yr3-dfht | gimp: GIMP ICO File Parsing Integer Overflow |
CVE-2025-5473
|
| VCID-9ay7-pf72-qbcn | gimp: GIMP: Denial of Service via specially crafted Seattle Filmworks file |
CVE-2026-40919
|
| VCID-bcwp-42cm-g3et | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2023-44444
ZDI-CAN-22097 |
| VCID-bf8d-qkyh-auds | Gimp: context-dependent attackers to cause a denial of service |
CVE-2007-3126
|
| VCID-bhsc-qy1f-27dj | gimp: Gimp Integer Overflow |
CVE-2025-6035
|
| VCID-bq1c-u55x-5beh | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2010-4542
|
| VCID-cdfh-uhac-sbam | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2010-4541
|
| VCID-d967-53mv-13b6 | GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863. |
CVE-2026-4152
|
| VCID-dav9-9ar6-gkbn | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2022-30067
|
| VCID-dda3-khwb-q7bn | gimp: GIMP: Application crashes or information disclosure via crafted ICNS image files |
CVE-2026-40917
|
| VCID-dkmg-nu4f-xbay |
CVE-2026-4150
|
|
| VCID-dtpr-ndvm-5udg | gimp: Multiple heap buffer overflows in TGA parser |
CVE-2025-48797
|
| VCID-enq7-y48z-gybf | GIMP is vulnerable to a buffer overflow which may lead to the execution of arbitrary code. |
CVE-2007-2356
|
| VCID-eybg-sjmd-q7a2 | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2023-44443
ZDI-CAN-22096 |
| VCID-fta8-9na3-u3hb | several |
CVE-2013-1913
|
| VCID-g7zy-qgvc-cueg | security update |
CVE-2017-17784
|
| VCID-gdxp-wy9y-m3h1 | gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVE-2025-10922
|
| VCID-gfzg-1hvp-5ugd | gimp: predictable temporary file name in test-xcf.c unit test |
CVE-2018-12713
|
| VCID-gsc3-uhzs-5uf7 | gimp: GIMP: Denial of Service via crafted PVR image file |
CVE-2026-40918
|
| VCID-hkc8-4uw7-2yc3 | security update |
CVE-2017-17788
|
| VCID-hrab-t25s-5ybg | gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based buffer overflow |
CVE-2025-14425
|
| VCID-j13x-yf4j-bygr | gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability |
CVE-2025-10923
|
| VCID-jy45-8uuz-y7bf | gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability |
CVE-2026-0797
|
| VCID-krn9-65fh-sqgq | gimp: Multiple use after free in XCF parser |
CVE-2025-48798
|
| VCID-nb8e-umcc-yudg | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code. |
CVE-2012-5576
|
| VCID-ney7-z8qy-kuce |
CVE-2026-4153
|
|
| VCID-pkzd-5g7r-cfh8 | GIMP is prone to a buffer overflow which may lead to the execution of arbitrary code when loading specially crafted XCF files. |
CVE-2006-3404
|
| VCID-q23d-29ut-uyhd | security update |
CVE-2017-17787
|
| VCID-qk2t-bm6s-1fes | gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVE-2025-10920
|
| VCID-qsyr-7tn1-uyhv | gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow |
CVE-2026-2239
|
| VCID-r1ds-par2-5kb4 | security update |
CVE-2017-17786
|
| VCID-rgcb-3vf1-23dk | several |
CVE-2013-1978
|
| VCID-rraw-1e9t-x3f3 | gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability |
CVE-2026-2048
|
| VCID-s17j-j45c-nqgs | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2023-44441
ZDI-CAN-22093 |
| VCID-sn31-adaw-8kbz | Gimp: Incomplete fix for CVE-2010-4543 PSP plug-in heap overflow issue |
CVE-2011-1782
|
| VCID-svvz-6tap-wqbe | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2010-4543
|
| VCID-teck-svws-tyae | Gimp image loader multiple input validation flaws |
CVE-2007-3741
|
| VCID-tq1x-gwac-6uc9 | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2009-3909
|
| VCID-tth9-nncy-5qap | gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow |
CVE-2025-14422
|
| VCID-u8j3-25up-5bcb | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2011-1178
|
| VCID-ubet-venh-tqct | gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing |
CVE-2026-2044
|
| VCID-uujf-3fhp-8fgg | gimp: GIMP: Memory corruption due to integer overflow in ICO file handling |
CVE-2026-2272
|
| VCID-va44-vsem-xuf5 |
CVE-2026-4151
|
|
| VCID-vjn6-7mrr-j7cn | Multiple vulnerabilities have been discovered in GIMP, allowing for the remote execution of arbitrary code. |
CVE-2007-2949
|
| VCID-w9b1-57tj-tueg | gimp: Stack-based buffer overflows in file-ico |
CVE-2025-48796
|
| VCID-wbtb-bfgn-4bhq | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2012-2763
|
| VCID-wc8m-8guk-13ez | gimp: GIMP: Remote Code Execution via stack-based buffer overflow in LBM file parsing |
CVE-2025-14423
|
| VCID-wj9c-s6kt-tqag | security update |
CVE-2017-17785
|
| VCID-wkrp-v537-x3hy | gimp: GIMP: Arbitrary code execution or denial of service via buffer overflow in GIF image processing |
CVE-2026-6384
|
| VCID-y7a9-2p1n-z7fx | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service. |
CVE-2011-2896
|
| VCID-ye1p-fndf-h7b9 | Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code. |
CVE-2012-3403
|
| VCID-ygcy-xz6u-1qav | Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
CVE-2023-44442
ZDI-CAN-22094 |
| VCID-ym8b-yn6s-3ybc | gimp: GIMP: Denial of Service due to stack buffer overflow in TIM image loader |
CVE-2026-40916
|
| VCID-ynn6-fqzk-qbav | gimp: GIMP: Remote Code Execution via XCF File Parsing Use-After-Free |
CVE-2025-14424
|
| VCID-z2up-g7ms-gfg2 | A vulnerability has been discovered in GIMP, which can lead to execution of arbitrary code. |
CVE-2025-10934
|