CLSA-2026-1776848955

Import Source

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1776848955

Upstream

Published

2026-04-22T09:09:20Z

Modified

2026-06-01T00:32:49.156710431Z

Summary

gimp: Fix of 2 CVEs

Details

CVE-2026-2239: fix heap-buffer-overflow in freadpascalstring when processing PSD files and a follow-up NULL pointer dereference in loadresource1006 alpha names handling
CVE-2026-2272: fix integer overflow in ICO file loading

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:2.99.8-4.el9_6.2.tuxcare.els7

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776848955.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:2.99.8-4.el9_6.2.tuxcare.els7

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776848955.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:2.99.8-4.el9_6.2.tuxcare.els7

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776848955.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:2.99.8-4.el9_6.2.tuxcare.els7

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776848955.json"