Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-v61r-63c3-z3bu
Summarygimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
Aliases
0
alias CVE-2026-4154
Fixed_packages
0
url pkg:deb/debian/gimp@3.2.0-1?distro=trixie
purl pkg:deb/debian/gimp@3.2.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.0-1%3Fdistro=trixie
1
url pkg:deb/debian/gimp@3.2.4-2?distro=trixie
purl pkg:deb/debian/gimp@3.2.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-2%3Fdistro=trixie
2
url pkg:deb/debian/gimp@3.2.4-2
purl pkg:deb/debian/gimp@3.2.4-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-2
Affected_packages
0
url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2
purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z7p-e8z2-tkcv
1
vulnerability VCID-389g-akv1-qbh3
2
vulnerability VCID-49hc-snqx-nqa5
3
vulnerability VCID-4t6y-xyhd-cyau
4
vulnerability VCID-5eqk-z3v7-3fhd
5
vulnerability VCID-a479-syd9-fbfk
6
vulnerability VCID-bhng-9wue-tfew
7
vulnerability VCID-daex-4p6v-kkfa
8
vulnerability VCID-e27n-rnab-sufn
9
vulnerability VCID-eq2x-qk7x-afhg
10
vulnerability VCID-f43g-c8fn-y7fw
11
vulnerability VCID-fdhq-bkq1-3yh9
12
vulnerability VCID-gb4e-ny85-uqdv
13
vulnerability VCID-j1sx-sd1f-43ha
14
vulnerability VCID-mfc1-ckk1-zygy
15
vulnerability VCID-mtne-hwdy-6yd5
16
vulnerability VCID-q4v7-51pm-akeq
17
vulnerability VCID-q9jc-zzwy-abdc
18
vulnerability VCID-rn5t-hf1x-sfah
19
vulnerability VCID-sa6e-9a61-ybek
20
vulnerability VCID-tnnf-xm84-67a1
21
vulnerability VCID-uc7r-cwgz-pbgu
22
vulnerability VCID-v61r-63c3-z3bu
23
vulnerability VCID-vc97-wac9-1fc7
24
vulnerability VCID-wb9g-gzb7-u3dw
25
vulnerability VCID-xyqk-5876-4bfb
26
vulnerability VCID-ybpy-5bg8-9yfa
27
vulnerability VCID-ypkn-g198-uyhu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2
1
url pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4t6y-xyhd-cyau
1
vulnerability VCID-bhng-9wue-tfew
2
vulnerability VCID-daex-4p6v-kkfa
3
vulnerability VCID-v61r-63c3-z3bu
4
vulnerability VCID-vc97-wac9-1fc7
5
vulnerability VCID-wb9g-gzb7-u3dw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10
purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4t6y-xyhd-cyau
1
vulnerability VCID-bhng-9wue-tfew
2
vulnerability VCID-daex-4p6v-kkfa
3
vulnerability VCID-v61r-63c3-z3bu
4
vulnerability VCID-vc97-wac9-1fc7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10
3
url pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4t6y-xyhd-cyau
1
vulnerability VCID-bhng-9wue-tfew
2
vulnerability VCID-daex-4p6v-kkfa
3
vulnerability VCID-v61r-63c3-z3bu
4
vulnerability VCID-vc97-wac9-1fc7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8
purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4t6y-xyhd-cyau
1
vulnerability VCID-bhng-9wue-tfew
2
vulnerability VCID-v61r-63c3-z3bu
3
vulnerability VCID-vc97-wac9-1fc7
4
vulnerability VCID-vrzz-ktuz-uycr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8
5
url pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8?distro=trixie
purl pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4t6y-xyhd-cyau
1
vulnerability VCID-bhng-9wue-tfew
2
vulnerability VCID-v61r-63c3-z3bu
3
vulnerability VCID-vc97-wac9-1fc7
4
vulnerability VCID-vrzz-ktuz-uycr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8%3Fdistro=trixie
6
url pkg:rpm/redhat/gimp@2:2.99.8-3.el9_0?arch=6
purl pkg:rpm/redhat/gimp@2:2.99.8-3.el9_0?arch=6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5eqk-z3v7-3fhd
1
vulnerability VCID-sa6e-9a61-ybek
2
vulnerability VCID-tnnf-xm84-67a1
3
vulnerability VCID-v61r-63c3-z3bu
4
vulnerability VCID-vc97-wac9-1fc7
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gimp@2:2.99.8-3.el9_0%3Farch=6
7
url pkg:rpm/redhat/gimp@2:3.0.4-1.el9_7?arch=5
purl pkg:rpm/redhat/gimp@2:3.0.4-1.el9_7?arch=5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5eqk-z3v7-3fhd
1
vulnerability VCID-sa6e-9a61-ybek
2
vulnerability VCID-tnnf-xm84-67a1
3
vulnerability VCID-v61r-63c3-z3bu
4
vulnerability VCID-vc97-wac9-1fc7
5
vulnerability VCID-xtqp-9a1k-gff4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gimp@2:3.0.4-1.el9_7%3Farch=5
8
url pkg:rpm/redhat/gimp@2:3.0.4-4.el9_8?arch=4
purl pkg:rpm/redhat/gimp@2:3.0.4-4.el9_8?arch=4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5eqk-z3v7-3fhd
1
vulnerability VCID-sa6e-9a61-ybek
2
vulnerability VCID-tnnf-xm84-67a1
3
vulnerability VCID-v61r-63c3-z3bu
4
vulnerability VCID-vc97-wac9-1fc7
5
vulnerability VCID-xtqp-9a1k-gff4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gimp@2:3.0.4-4.el9_8%3Farch=4
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4154.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4154.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4154
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22508
published_at 2026-06-09T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22609
published_at 2026-06-05T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22596
published_at 2026-06-06T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22551
published_at 2026-06-07T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.22503
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4154
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4154
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4154
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457530
reference_id 2457530
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457530
5
reference_url https://gitlab.gnome.org/GNOME/gimp/-/commit/2e7ed91793792d9e980b2df4c829e9aa60459253
reference_id 2e7ed91793792d9e980b2df4c829e9aa60459253
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:24:06Z/
url https://gitlab.gnome.org/GNOME/gimp/-/commit/2e7ed91793792d9e980b2df4c829e9aa60459253
6
reference_url https://access.redhat.com/errata/RHSA-2026:16484
reference_id RHSA-2026:16484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16484
7
reference_url https://access.redhat.com/errata/RHSA-2026:17533
reference_id RHSA-2026:17533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17533
8
reference_url https://access.redhat.com/errata/RHSA-2026:19362
reference_id RHSA-2026:19362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19362
9
reference_url https://access.redhat.com/errata/RHSA-2026:20552
reference_id RHSA-2026:20552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20552
10
reference_url https://access.redhat.com/errata/RHSA-2026:20553
reference_id RHSA-2026:20553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20553
11
reference_url https://access.redhat.com/errata/RHSA-2026:20554
reference_id RHSA-2026:20554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20554
12
reference_url https://access.redhat.com/errata/RHSA-2026:20691
reference_id RHSA-2026:20691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20691
13
reference_url https://www.zerodayinitiative.com/advisories/ZDI-26-221/
reference_id ZDI-26-221
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:24:06Z/
url https://www.zerodayinitiative.com/advisories/ZDI-26-221/
Weaknesses
0
cwe_id 190
name Integer Overflow or Wraparound
description The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
Exploits
Severity_range_score7.8 - 7.8
Exploitability0.5
Weighted_severity7.0
Risk_score3.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-v61r-63c3-z3bu