CVE-2022-30067

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gimp:gimp:2.10.30:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.99.10:*:*:*:*:*:*:*

History

21 Nov 2023, 17:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2023/11/msg00015.html -

26 May 2022, 00:04

Type Values Removed Values Added
CWE CWE-120
CPE cpe:2.3:a:gimp:gimp:2.99.10:*:*:*:*:*:*:*
cpe:2.3:a:gimp:gimp:2.10.30:*:*:*:*:*:*:*
References (MISC) https://gitlab.gnome.org/GNOME/gimp/-/issues/8120 - (MISC) https://gitlab.gnome.org/GNOME/gimp/-/issues/8120 - Exploit, Issue Tracking, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.3
v3 : 5.5

17 May 2022, 17:35

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-17 17:15

Updated : 2024-02-04 22:29


NVD link : CVE-2022-30067

Mitre link : CVE-2022-30067

CVE.ORG link : CVE-2022-30067


JSON object : View

Products Affected

gimp

  • gimp
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')