Known Vulnerabilities for products from GIMP
Listed below are 20 of the newest known vulnerabilities associated with the vendor "GIMP".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4154 json | Not Provided | 2026-04-11 | 2026-04-11 | |
| CVE-2026-4153 json | Not Provided | 2026-04-11 | 2026-04-11 | |
| CVE-2026-4152 json | Not Provided | 2026-04-11 | 2026-04-11 | |
| CVE-2026-4151 json | Not Provided | 2026-04-11 | 2026-04-11 | |
| CVE-2026-4150 json | Not Provided | 2026-04-11 | 2026-04-11 | |
| CVE-2026-2272 json | A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the `ico_... | Not Provided | 2026-03-26 | 2026-04-03 |
| CVE-2026-2271 json | Not Provided | 2026-03-26 | 2026-03-27 | |
| CVE-2026-2239 json | A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string function when processing a spe... | Not Provided | 2026-03-26 | 2026-04-03 |
| CVE-2022-32990 json | An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a cra... | 5.5 - MEDIUM | 2022-06-24 | 2022-07-01 |
| CVE-2022-30067 json | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge ... | 5.5 - MEDIUM | 2022-05-17 | 2023-11-21 |
| CVE-2021-45463 json | load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filte... | 7.8 - HIGH | 2021-12-23 | 2023-11-07 |
| CVE-2018-12713 json | GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already e... | 9.1 - CRITICAL | 2018-06-24 | 2022-02-07 |
| CVE-2017-17789 json | In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. | 7.8 - HIGH | 2017-12-20 | 2022-02-07 |
| CVE-2017-17788 json | In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character a... | 5.5 - MEDIUM | 2017-12-20 | 2022-02-07 |
| CVE-2017-17787 json | In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. | 7.8 - HIGH | 2017-12-20 | 2022-02-07 |
| CVE-2017-17786 json | In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1)... | 7.8 - HIGH | 2017-12-20 | 2022-02-07 |
| CVE-2017-17785 json | In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | 7.8 - HIGH | 2017-12-20 | 2022-02-07 |
| CVE-2017-17784 json | In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, ... | 7.8 - HIGH | 2017-12-20 | 2022-02-07 |
| CVE-2016-4994 json | Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a ... | 7.8 - HIGH | 2016-07-12 | 2023-02-12 |
| CVE-2013-1978 json | Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and e... | 6.8 - MEDIUM | 2013-12-12 | 2023-02-13 |
Known software with vulnerabilities from GIMP
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Gimp | Gimp | - |