CVE-2022-30067

Published: 17 May 2022

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or a program crash.

Priority

Low

CVSS 3 base score: 5.5

Status

Package: gimp (Launchpad, Ubuntu, Debian)

Release     Status
bionic      Needed
focal       Needed
impish      Ignored (reached end-of-life)
jammy       Needed
upstream    Released (2.10.32-1)

Patches:
upstream: https://gitlab.gnome.org/GNOME/gimp/-/commit/4f99f1fcfd892ead19831b5adcd38a99d71214b6 (master)
upstream: https://gitlab.gnome.org/GNOME/gimp/-/commit/8cd6d05232795ac31076013db1c6be3dc67e8e09 (gimp-2-10)