CNNVD-202512-4046 Information

CNNVD ID

CNNVD-202512-4046

Related CVE

CVE-2025-14422

• CNNVD Published: 2025-12-23

Description (Chinese)

GIMP是GIMP团队的一款开源的位图图像编辑器。 GIMP存在输入验证错误漏洞，该漏洞源于解析PNM文件时缺乏对用户提供数据的适当验证，可能导致整数溢出和远程代码执行。

Description (English)

GIMP is an open-source bitmap image editor for the GIMP team. The GIMP has an input validation error loophole, which stems from the lack of proper validation of the data provided by the user when the PNM file is deciphered, which may lead to integer spills and remote code execution.

Hazard Level

Medium

Vulnerability Type

输入验证错误

Affected Vendor

GIMP

Published

2025-12-23

Last Modified

2026-02-24

References

https://gitlab.gnome.org/GNOME/gimp/-/commit/4ff2d773d58064e6130495de498e440f4a6d5edb https://www.zerodayinitiative.com/advisories/ZDI-25-1136/