pkg:Debian/gimp

102 total CVEs: CRITICAL 1, HIGH 57, MEDIUM 13

All known vulnerabilities

  • CRITICAL 9.1 CVE-2018-12713: GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demo…
    from 0
  • HIGH 8.8 CVE-2025-5473: GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.8 CVE-2026-6384: A flaw was found in gimp.
    from 0, < 3.2.2-1
  • HIGH 7.8 CVE-2026-40915: A flaw was found in GIMP.
    from 0
  • HIGH 7.8 CVE-2026-4154: GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0
  • HIGH 7.8 CVE-2026-4153: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u8
  • HIGH 7.8 CVE-2026-4152: GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u8
  • HIGH 7.8 CVE-2026-4151: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 3.0.4-3+deb13u8
  • HIGH 7.8 CVE-2026-4150: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u8
  • HIGH 7.8 CVE-2026-2048: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u7
  • HIGH 7.8 CVE-2026-2047: GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0, < 3.0.4-3+deb13u7
  • HIGH 7.8 CVE-2026-2045: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u7
  • HIGH 7.8 CVE-2026-2044: GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u7
  • HIGH 7.8 CVE-2026-0797: gimp - security update
    from 0, < 2.10.22-4+deb11u7
  • HIGH 7.8 CVE-2026-0797: gimp - security update
    from 0, < 2.10.22-4+deb11u7
  • HIGH 7.8 CVE-2026-0797: gimp - security update
    from 0, < 2.10.34-1+deb12u9
  • HIGH 7.8 CVE-2025-15059: gimp - security update
    from 0, < 2.10.34-1+deb12u7
  • HIGH 7.8 CVE-2025-15059: gimp - security update
    from 0, < 2.10.22-4+deb11u6
  • HIGH 7.8 CVE-2025-15059: gimp - security update
    from 0, < 2.10.22-4+deb11u6
  • HIGH 7.8 CVE-2025-14425: GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u5
  • HIGH 7.8 CVE-2025-14424: GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability.
    from 0, < 3.0.4-3+deb13u4
  • HIGH 7.8 CVE-2025-14423: GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0, < 3.0.4-3+deb13u4
  • HIGH 7.8 CVE-2025-14422: gimp - security update
    from 0, < 2.10.22-4+deb11u5
  • HIGH 7.8 CVE-2025-14422: gimp - security update
    from 0, < 2.10.34-1+deb12u6
  • HIGH 7.8 CVE-2025-10934: gimp - security update
    from 0, < 2.10.34-1+deb12u5
  • HIGH 7.8 CVE-2025-10934: gimp - security update
    from 0, < 2.10.22-4+deb11u4
  • HIGH 7.8 CVE-2025-10934: gimp - security update
    from 0, < 2.10.22-4+deb11u4
  • HIGH 7.8 CVE-2025-10925: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0
  • HIGH 7.8 CVE-2025-10924: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 3.0.4-3+deb13u1
  • HIGH 7.8 CVE-2025-10923: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 3.0.4-3+deb13u1
  • HIGH 7.8 CVE-2025-10922: gimp - security update
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.8 CVE-2025-10922: gimp - security update
    from 0, < 2.10.34-1+deb12u4
  • HIGH 7.8 CVE-2025-10922: gimp - security update
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.8 CVE-2025-10920: gimp - security update
    from 0, < 3.0.4-3+deb13u1
  • HIGH 7.8 CVE-2025-10920: gimp - security update
    from 0, < 3.0.4-3+deb13u1
  • HIGH 7.8 CVE-2025-2761: gimp - security update
    from 0, < 2.10.34-1+deb12u3
  • HIGH 7.8 CVE-2025-2761: gimp - security update
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.8 CVE-2025-2760: GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.8 CVE-2023-44444: GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u1
  • HIGH 7.8 CVE-2023-44443: GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u1
  • HIGH 7.8 CVE-2023-44442: GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
    from 0, < 2.10.22-4+deb11u1
  • HIGH 7.8 CVE-2023-44441: gimp - security update
    from 0, < 2.10.22-4+deb11u1
  • HIGH 7.8 CVE-2023-44441: gimp - security update
    from 0, < 2.10.22-4+deb11u1
  • HIGH 7.8 CVE-2017-17789: In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
    from 0, < 2.8.20-1.1
  • HIGH 7.8 CVE-2017-17787: In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.
    from 0, < 2.8.20-1.1
  • HIGH 7.8 CVE-2017-17786: In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpe…
    from 0, < 2.8.20-1.1
  • HIGH 7.8 CVE-2017-17785: In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
    from 0, < 2.8.20-1.1
  • HIGH 7.8 CVE-2017-17784: gimp - security update
    from 0, < 2.8.20-1.1
  • HIGH 7.8 CVE-2017-17784: gimp - security update
    from 0, < 2.8.14-1+deb8u2
  • HIGH 7.8 CVE-2017-17784: gimp - security update
    from 0, < 2.8.2-2+deb7u3
  • HIGH 7.8 CVE-2016-4994: gimp - security update
    from 0, < 2.8.16-2.2
  • HIGH 7.8 CVE-2016-4994: gimp - security update
    from 0, < 2.8.14-1+deb8u1
  • HIGH 7.8 CVE-2016-4994: gimp - security update
    from 0, < 2.8.2-2+deb7u2
  • HIGH 7.3 CVE-2025-48798: A flaw was found in GIMP when processing XCF image files.
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.3 CVE-2025-48797: A flaw was found in GIMP when processing certain TGA image files.
    from 0, < 2.10.22-4+deb11u3
  • HIGH 7.3 CVE-2025-48796: A flaw was found in GIMP.
    from 0, < 3.0.0~RC1-4
  • HIGH 7.1 CVE-2026-40917: A flaw was found in GIMP.
    from 0, < 3.0.4-3+deb13u8
  • HIGH 7.1 CVE-2026-4887: A flaw was found in GIMP.
    from 0
  • MEDIUM 6.5 CVE-2026-2272: A flaw was found in GIMP.
    from 0, < 2.10.22-4+deb11u6
  • MEDIUM 6.5 CVE-2026-2239: gimp - security update
    from 0, < 2.10.34-1+deb12u8
  • MEDIUM 6.5 CVE-2026-2239: gimp - security update
    from 0, < 2.10.22-4+deb11u6
  • MEDIUM 6.1 CVE-2025-6035: A flaw was found in GIMP.
    from 0, < 2.10.22-4+deb11u3
  • MEDIUM 5.5 CVE-2026-40919: A flaw was found in GIMP.
    from 0, < 3.2.2-1
  • MEDIUM 5.5 CVE-2026-40918: A flaw was found in GIMP.
    from 0, < 3.2.2-1
  • MEDIUM 5.5 CVE-2026-40916: A flaw was found in GIMP.
    from 0, < 3.2.2-1
  • MEDIUM 5.5 CVE-2026-2271: A flaw was found in GIMP's PSP (Paint Shop Pro) file parser.
    from 0, < 2.10.22-4+deb11u6
  • MEDIUM 5.5 CVE-2022-32990: An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file,…
    from 0
  • MEDIUM 5.5 CVE-2022-30067: gimp - security update
    from 0, < 2.10.22-4+deb11u5
  • MEDIUM 5.5 CVE-2022-30067: gimp - security update
    from 0, < 2.10.22-4+deb11u5
  • MEDIUM 5.5 CVE-2022-30067: gimp - security update
    from 0, < 2.10.8-2+deb10u1
  • MEDIUM 5.5 CVE-2017-17788: In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the versi…
    from 0, < 2.8.20-1.1
  • CVE-2013-1978: Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows…
    from 0, < 2.8.10-0.1
  • CVE-2013-1913: gimp - several
    from 0, < 2.6.10-1+squeeze4
  • CVE-2013-1913: gimp - several
    from 0, < 2.8.10-0.1
  • CVE-2013-1953: Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspeci…
    from 0, < 2.6.10-1
  • CVE-2012-5576: Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a deni…
    from 0, < 2.8.2-2
  • CVE-2012-4245: The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via th…
    from 0
  • CVE-2012-3481: Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier all…
    from 0, < 2.8.2-1
  • CVE-2012-3403: Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of servi…
    from 0, < 2.8.2-1
  • CVE-2012-3402: Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a d…
    from 0, < 2.4.0~rc1-1
  • CVE-2012-3236: fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a…
    from 0, < 2.8.2-1
  • CVE-2012-2763: Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, all…
    from 0, < 2.8.0-1
  • CVE-2011-2896: cups - several
    from 0, < 2.6.11-5
  • CVE-2011-1782: Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote…
    from 0, < 2.6.11-3
  • CVE-2011-1178: Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange (PCX) plugin in GIMP 2.6.x and earlie…
    from 0, < 2.6.10-1
  • CVE-2010-4543: Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote…
    from 0, < 2.6.11-2
  • CVE-2010-4542: Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 al…
    from 0, < 2.6.11-2
  • CVE-2010-4541: Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows…
    from 0, < 2.6.11-2
  • CVE-2010-4540: gimp - several
    from 0, < 2.6.11-2
  • CVE-2010-4540: gimp - several
    from 0, < 2.6.10-1+squeeze3
  • CVE-2009-3909: Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute ar…
    from 0, < 2.6.7-1.1
  • CVE-2009-1570: Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary…
    from 0, < 2.6.7-1.1
  • CVE-2007-3741: The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (cr…
    from 0, < 2.2.17-1
  • from 0, < 2.2.16-1
  • from 0, < 2.2.6-1sarge4
  • CVE-2007-2949: Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitra…
    from 0, < 2.2.16-1
  • CVE-2007-3126: Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a…
    from 0, < 2.8.22-1
  • from 0, < 2.2.14-2
  • from 0, < 2.2.6-1sarge2
  • CVE-2006-3404: gimp - buffer overflow
    from 0, < 2.2.11-3.1
  • CVE-2006-3404: gimp - buffer overflow
    from 0, < 2.2.6-1sarge1
  • CVE-2026-2046: (no summary)
    from 0