CVE-2022-30067

Опубликовано: 17 мая 2022

Источник: redhat

CVSS3: 6.2

EPSS Низкий

Описание

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

A vulnerability was found in GIMP. Via a specially crafted XCF file, GIMP can allocate a large amount of memory, potentially resulting in a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	gimp	Out of support scope
Red Hat Enterprise Linux 7	gimp	Out of support scope
Red Hat Enterprise Linux 8	gimp:2.8/gimp	Affected
Red Hat Enterprise Linux 8	gimp:flatpak/gimp	Affected
Red Hat Enterprise Linux 9	gimp	Fixed	RHSA-2022:7978	15.11.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-252->CWE-770->CWE-120

https://bugzilla.redhat.com/show_bug.cgi?id=2087591gimp: buffer overflow through a crafted XCF file

EPSS

Процентиль: 18%

0.00058

Низкий

6.2 Medium

CVSS3

Связанные уязвимости

CVE-2022-30067

CVSS3: 5.5

ubuntu

около 3 лет назад

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

CVE-2022-30067

CVSS3: 5.5

nvd

около 3 лет назад

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

CVE-2022-30067

CVSS3: 5.5

debian

около 3 лет назад

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a ...

SUSE-SU-2022:2620-1

suse-cvrf

около 3 лет назад

Security update for gimp

SUSE-SU-2022:2619-1

suse-cvrf

около 3 лет назад

Security update for gimp

EPSS

Процентиль: 18%

0.00058

Низкий

6.2 Medium

CVSS3