GIMP Use-After-Free Vulnerability in XCF Image File Processing

Vulnerability

A use-after-free vulnerability has been identified in GIMP versions prior to 3.0.0, specifically within the XCF image file parser. When a user opens a specially crafted XCF file, GIMP can be manipulated into creating significant memory errors. This flaw may lead to application crashes and exploitation of use-after-free conditions, potentially allowing for arbitrary code execution.

Impact

Exploitation of this vulnerability could result in memory corruption, application crashes, and potentially arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GIMP Use-After-Free Vulnerability in XCF Image File Processing

Vulnerability

Impact

Affected Products

GIMP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating