Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-2271

Источник: debian
EPSS Низкий

Описание

[GIMP PSP File Parsing Integer Overflow Leading to Heap Corruption]

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gimpfixed3.2.0~RC2-3.2package

Примечания

  • https://gitlab.gnome.org/GNOME/gimp/-/issues/15732

  • Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/d9d0f5b4e642dd5b101e70728042027d568bb01d

  • Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/0e63f096fa5f7dc3fae0a8e865fd5a05ebe45da8 (GIMP_3_0_8)

EPSS

Процентиль: 17%
0.00055
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-2271

ubuntu
около 2 месяцев назад

[GIMP PSP File Parsing Integer Overflow Leading to Heap Corruption]

redhat логотип

CVE-2026-2271

CVSS3: 3.3
redhat
около 2 месяцев назад

A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an integer overflow vulnerability in the read_creator_block() function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory allocation without proper validation, leading to a heap overflow and an out-of-bounds write. Successful exploitation could result in an application level denial of service.

github логотип

GHSA-688g-4qr3-6q47

CVSS3: 3.3
github
4 дня назад

A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an integer overflow vulnerability in the read_creator_block() function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory allocation without proper validation, leading to a heap overflow and an out-of-bounds write. Successful exploitation could result in an application level denial of service.

suse-cvrf логотип

SUSE-SU-2026:0604-1

suse-cvrf
около 1 месяца назад

Security update for gimp

EPSS

Процентиль: 17%
0.00055
Низкий