CNNVD-202508-927 Information

CNNVD ID

CNNVD-202508-927

Related CVE

CVE-2025-8672

• CNNVD Published: 2025-08-11

Description (Chinese)

GIMP是GIMP团队的一款开源的位图图像编辑器。 GIMP存在安全漏洞，该漏洞源于Python解释器继承TCC权限，可能导致未经授权访问隐私保护文件夹。

Description (English)

GIMP is an open-source bitmap image editor for the GIMP team. The GIMP has a security loophole, which stems from the Python interpreter’s succession to TCC, which may lead to unauthorized access to privacy protection folders.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

GIMP

Published

2025-08-11

Last Modified

2026-02-24

References

https://cert.pl/en/posts/2025/08/tcc-bypass/ https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/ https://gitlab.gnome.org/Infrastructure/gimp-macos-build https://gitlab.gnome.org/GNOME/gimp/-/issues/13848 https://nvd.nist.gov/vuln/detail/CVE-2025-8672