CVE-2022-30067
Summary
| CVE | CVE-2022-30067 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-05-17 17:15:00 UTC |
| Updated | 2023-11-21 17:15:00 UTC |
| Description | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. |
Risk And Classification
Problem Types: CWE-120
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GIMP 2.10.30 crashed when allocate large memory (#8120) · Issues · GNOME / GIMP · GitLab | MISC | gitlab.gnome.org | |
| [SECURITY] [DLA 3659-1] gimp security update | lists.debian.org | ||
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160314 Oracle Enterprise Linux Security Update for gimp security and enhancement update (ELSA-2022-7978)
- 183158 Debian Security Update for gimp (CVE-2022-30067)
- 199961 Ubuntu Security Notification for GIMP Vulnerabilities (USN-6521-1)
- 240891 Red Hat Update for gimp (RHSA-2022:7978)
- 6000337 Debian Security Update for gimp (DLA 3659-1)
- 672238 EulerOS Security Update for gimp (EulerOS-SA-2022-2607)
- 752196 SUSE Enterprise Linux Security Update for gimp (SUSE-SU-2022:1889-1)
- 753207 SUSE Enterprise Linux Security Update for gimp (SUSE-SU-2022:2063-1)
- 753426 SUSE Enterprise Linux Security Update for gimp (SUSE-SU-2022:2619-1)
- 940829 AlmaLinux Security Update for gimp (ALSA-2022:7978)
- 960614 Rocky Linux Security Update for gimp (RLSA-2022:7978)