发布时间: 2025年7月11日
修改时间: 2025年7月11日
A vulnerability was found in GIMP (Image Processing Software) (affected version not known) and classified as critical.Using CWE to declare the problem leads to CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Impacted is confidentiality, integrity, and availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | Low |
| Attack Vector | Local | Local |
| CVSS评分 | 7.8 | 6.6 |
| Attack Complexity | Low | Low |
| Privileges Required | Low | Low |
| Scope | Unchanged | Unchanged |
| Integrity | High | Low |
| User Interaction | None | None |
| Availability | High | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2025-2745 | gimp security update | 2025年8月17日 |
| 产品 | 包 | 状态 |
|---|---|---|
| V6 | gimp | Fixed |
