CVE-2022-30067

Опубликовано: 17 мая 2022

Источник: debian

EPSS Низкий

Описание

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gimp	fixed	2.10.32-1		package

Примечания

https://gitlab.gnome.org/GNOME/gimp/-/issues/8120
https://gitlab.gnome.org/GNOME/gimp/-/commit/4f99f1fcfd892ead19831b5adcd38a99d71214b6 (master)
https://gitlab.gnome.org/GNOME/gimp/-/commit/8cd6d05232795ac31076013db1c6be3dc67e8e09 (gimp-2-10)
Crash in GUI application, no security impact

EPSS

Процентиль: 18%

0.00058

Низкий

Связанные уязвимости

CVE-2022-30067

CVSS3: 5.5

ubuntu

около 3 лет назад

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

CVE-2022-30067

CVSS3: 6.2

redhat

около 3 лет назад

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

CVE-2022-30067

CVSS3: 5.5

nvd

около 3 лет назад

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

SUSE-SU-2022:2620-1

suse-cvrf

около 3 лет назад

Security update for gimp

SUSE-SU-2022:2619-1

suse-cvrf

около 3 лет назад

Security update for gimp

EPSS

Процентиль: 18%

0.00058

Низкий