CVE-2026-2239

Low CVSS: 2.8

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string function when processing a specially crafted PSD (Photoshop Document) file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read when strlen() is subsequently called. Successfully exploiting this vulnerability can cause the application to crash, resulting in an application level Denial of Service.

Vendor

Gimp

Product

Gimp

CWE

CWE-170

Yayın Tarihi

2026-03-26 21:17:04

Güncelleme

2026-04-03 20:12:51

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-170 Gimp LOW Gimp 2026

Referanslar

https://access.redhat.com/security/cve/CVE-2026-2239 https://bugzilla.redhat.com/show_bug.cgi?id=2437675 https://gitlab.gnome.org/GNOME/gimp/-/issues/15812

Benzer Kayıtlar

Medium

CVE-2026-2272

A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the…

High

CVE-2026-2047

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote…

High

CVE-2026-2048

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attacker…

High

CVE-2026-2044

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attacke…

High

CVE-2026-2045

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attacker…

High

CVE-2026-0797

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote a…