Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-48798

Опубликовано: 27 мая 2025
Источник: debian
EPSS Низкий

Описание

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gimpfixed3.0.0~RC1-4package

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2368557

  • https://gitlab.gnome.org/GNOME/gimp/-/issues/11822

  • Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/7d949423ed2231dd463968d86b58e0a3e01e6266 (GIMP_3_0_0_RC1)

  • Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/fe26086e16943860f3852120f546ce913a7a73ee (GIMP_3_0_0_RC1)

  • Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/e7523ed41271e48a909011b8598d496c1be642e2 (GIMP_3_0_0_RC2)

  • Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/ebf0b569a63f15b5dc7532f16936104af1e09f02 (gimp-2-10)

  • "xcf-load: avoid use-after-free for layers with multiple PROP_ACTIVE_LAYER" not needed in 2.10, which only supports one layer

EPSS

Процентиль: 3%
0.00019
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-48798

CVSS3: 7.3
ubuntu
2 месяца назад

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

redhat логотип

CVE-2025-48798

CVSS3: 7.3
redhat
2 месяца назад

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

nvd логотип

CVE-2025-48798

CVSS3: 7.3
nvd
2 месяца назад

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

github логотип

GHSA-7p2h-v67m-x5qx

CVSS3: 7.3
github
2 месяца назад

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

suse-cvrf логотип

SUSE-SU-2025:02164-1

suse-cvrf
около 1 месяца назад

Security update for gimp

EPSS

Процентиль: 3%
0.00019
Низкий