Vulnerabilities > Gimp > Gimp > 2.7.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-23 | CVE-2021-45463 | load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. | 7.8 |
2018-06-24 | CVE-2018-12713 | Unspecified vulnerability in Gimp GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. | 6.4 |
2016-07-12 | CVE-2016-4994 | Use After Free vulnerability in Gimp Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file. | 7.8 |
2012-07-12 | CVE-2012-3236 | NULL Pointer Dereference vulnerability in Gimp fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string. | 4.3 |
2007-06-08 | CVE-2007-3126 | Unspecified vulnerability in Gimp Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. | 5.0 |