Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: gimpPlugins.gap

Found 3 matching suggestions

View:
Compact
Detailed
Permalink CVE-2025-48798
7.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 10 months, 2 weeks ago
Gimp: multiple use after free in xcf parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

References

Affected products

gimp
  • <3.0.0
  • *
gimp:2.8
  • *
gimp:2.8/gimp

Matching in nixpkgs

pkgs.zigimports

Automatically remove unused imports and globals from Zig files

  • nixos-unstable -
    • nixpkgs-unstable 0.1.0
    • nixos-unstable-small 0.1.0

pkgs.gimpPlugins.bimp

Batch Image Manipulation Plugin for GIMP

  • nixos-unstable 2.6
    • nixpkgs-unstable 2.6
    • nixos-unstable-small 2.6

pkgs.gimp3Plugins.gmic

GIMP plugin for the G'MIC image processing framework

  • nixos-unstable -
    • nixpkgs-unstable 3.5.0
    • nixos-unstable-small 3.5.0

Package maintainers

Permalink CVE-2025-48796
7.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 10 months, 2 weeks ago
Gimp: stack-based buffer overflows in file-ico

A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution.

References

Affected products

gimp
  • <2.99.16
gimp:2.8/gimp

Matching in nixpkgs

pkgs.zigimports

Automatically remove unused imports and globals from Zig files

  • nixos-unstable -
    • nixpkgs-unstable 0.1.0
    • nixos-unstable-small 0.1.0

pkgs.gimpPlugins.bimp

Batch Image Manipulation Plugin for GIMP

  • nixos-unstable 2.6
    • nixpkgs-unstable 2.6
    • nixos-unstable-small 2.6

pkgs.gimp3Plugins.gmic

GIMP plugin for the G'MIC image processing framework

  • nixos-unstable -
    • nixpkgs-unstable 3.5.0
    • nixos-unstable-small 3.5.0

Package maintainers

Permalink CVE-2025-48797
7.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 10 months, 2 weeks ago
Gimp: multiple heap buffer overflows in tga parser

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.

References

Affected products

gimp
  • *
  • <3.0.0
gimp:2.8
  • *
gimp:2.8/gimp

Matching in nixpkgs

pkgs.zigimports

Automatically remove unused imports and globals from Zig files

  • nixos-unstable -
    • nixpkgs-unstable 0.1.0
    • nixos-unstable-small 0.1.0

pkgs.gimpPlugins.bimp

Batch Image Manipulation Plugin for GIMP

  • nixos-unstable 2.6
    • nixpkgs-unstable 2.6
    • nixos-unstable-small 2.6

pkgs.gimp3Plugins.gmic

GIMP plugin for the G'MIC image processing framework

  • nixos-unstable -
    • nixpkgs-unstable 3.5.0
    • nixos-unstable-small 3.5.0

Package maintainers