INFSA-2025:7417: gimp security update
Information about definition
Identificator: INFSA-2025:7417
Type: security
Release date: 2025-06-10 09:03:52 UTC
Information about package
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.
Vulnerabilities description
- CVE-2023-44441
A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process.
- CVE-2023-44442
A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file, possibly enabling the execution of unauthorized code within the GIMP process.
- CVE-2023-44443
A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process.
- CVE-2023-44444
A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-44441
|
no information | 7.8 | no information |
|
NIST — CVE-2023-44442
|
no information | 7.8 | no information |
|
NIST — CVE-2023-44443
|
no information | 7.8 | no information |
|
NIST — CVE-2023-44444
|
no information | 7.8 | no information |
Updated packages