CVE-2025-48798
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-48798
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-48798.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-48798
- Related
- Published
- 2025-05-27T14:15:24Z
- Modified
- 2025-06-17T10:49:30.003400Z
- Downstream
- Summary
- [none]
- Details
-
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
- References
Affected packages
Debian:11 / gimp
Package
- Name
- gimp
- Purl
- pkg:deb/debian/gimp?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.10.22-4
2.10.22-4+deb11u1
2.10.22-4+deb11u2
2.10.24-1
2.10.24-2
2.10.26-1
2.10.28-1
2.10.30-1
2.10.32-1
2.10.34-1
2.10.36-1
2.10.36-2
2.10.36-3
2.10.38-1
2.10.38-2
2.99.10-1
2.99.12-1
2.99.12-2
2.99.14-1
2.99.14-2
2.99.16-1
2.99.16-2
2.99.18-1
3.*
3.0.0~RC1-1
3.0.0~RC1-3
3.0.0~RC1-4
3.0.0~RC2-1
3.0.0~RC3-1
3.0.0-1
3.0.0-2
3.0.2-1
3.0.2-2
3.0.2-3
3.0.2-3.1
3.0.4-1
3.0.4-2
Debian:12 / gimp
Package
- Name
- gimp
- Purl
- pkg:deb/debian/gimp?arch=source
Debian:13 / gimp
Package
- Name
- gimp
- Purl
- pkg:deb/debian/gimp?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.0~RC1-4