Vulnerabilities > Gimp > Gimp > 2.8.22
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-23 | CVE-2021-45463 | load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. | 7.8 |
2018-06-24 | CVE-2018-12713 | Unspecified vulnerability in Gimp GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. | 6.4 |
2017-12-20 | CVE-2017-17789 | Out-of-bounds Write vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. | 6.8 |
2017-12-20 | CVE-2017-17788 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. | 4.3 |
2017-12-20 | CVE-2017-17787 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. | 6.8 |
2017-12-20 | CVE-2017-17786 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. | 6.8 |
2017-12-20 | CVE-2017-17785 | Out-of-bounds Write vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | 6.8 |
2017-12-20 | CVE-2017-17784 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. | 6.8 |
2012-07-12 | CVE-2012-3236 | NULL Pointer Dereference vulnerability in Gimp fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string. | 4.3 |