Buffer Overflow in GIMP Affects Multiple Versions
CVE-2022-30067

5.5MEDIUM

Key Information:

Vendor: Gimp
Status: Gimp
Vendor: CVE Published:; 17 May 2022

What is CVE-2022-30067?

GIMP versions 2.10.30 and 2.99.10 are susceptible to a buffer overflow vulnerability. By utilizing a specially crafted XCF file, an attacker can trigger excessive memory allocation, leading to potential crashes or insufficient memory conditions within the application. This vulnerability exacerbates the risk of remote code execution, highlighting the need for users to apply timely security updates and utilize safe file handling practices. For more information, refer to the relevant discussions and security announcements detailing this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gitlab.gnome.org/GNOME/gimp/-/issues/8120

https://lists.debian.org/debian-lts-announce/2023/11/msg0...

mailing-list

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 17, 2022
Vulnerability Reserved
May 2, 2022

JSON

Gimp

What is CVE-2022-30067?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.