CNNVD-202601-4201 Information

CNNVD ID

CNNVD-202601-4201

CVE-2025-15059

  • CNNVD Published: 2026-01-23

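Description (translated from Chinese)

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP contains a security vulnerability that stems from missing validation of the length of user-supplied data when parsing PSP files, which may lead to a heap buffer overflow and remote code execution.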

Description (English)

GIMP is an open-source bitmap image editor from the GIMP team. GIMP has a security vulnerability caused by a lack of validation of the length of user-supplied data when parsing PSP files, which could lead to a heap buffer overflow and remote code execution.

Hazard Level

Medium

Vulnerability Type

Other

Affected Vendor

GIMP

Published

2026-01-23

Last Modified

2026-02-24

References

https://gitlab.gnome.org/GNOME/gimp/-/commit/03575ac8cbb0ef3103b0a15d6598475088dcc15e
https://www.zerodayinitiative.com/advisories/ZDI-25-1196/

Patch

https://www.gimp.org/
