First published: Fri Jun 24 2022(Updated: )
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GIMP GIMP | =2.10.30 | |
ubuntu/gimp | <2.10.32-1 | 2.10.32-1 |
ubuntu/gimp | <2.10.18-1ubuntu0.1 | 2.10.18-1ubuntu0.1 |
ubuntu/gimp | <2.10.30-1ubuntu0.1 | 2.10.30-1ubuntu0.1 |
debian/gimp | 2.10.34-1+deb12u2 2.10.34-1+deb12u1 2.10.36-2 2.10.36-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-32990.
The severity of CVE-2022-32990 is medium with a severity value of 5.5.
GNOME GIMP 2.10.30 is affected by CVE-2022-32990.
An attacker can exploit CVE-2022-32990 by triggering an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).
You can refer to the GitLab issue for updates and possible fixes for CVE-2022-32990: https://gitlab.gnome.org/GNOME/gimp/-/issues/8230