Threats Tagged 'cve-2026-4887'

Multiple security vulnerabilities have been identified in GIMP 2. 8 as packaged for Red Hat Enterprise Linux 8. 8. These include memory disclosure and denial of service via a crafted PCX image, remote code execution through XPM file parsing integer overflow, arbitrary code execution via a specially crafted PSD file, and remote code execution via PSP file parsing. Red Hat has issued an important security advisory (RHSA-2026:20554) addressing these issues with updated packages. The vulnerabilities affect various Red Hat Enterprise Linux 8. 8 variants and related modules. No CVSS scores are provided, but the advisory rates the impact as important. No known exploits in the wild have been reported at this time.

Multiple security vulnerabilities have been identified in GIMP (GNU Image Manipulation Program) as packaged for Red Hat Enterprise Linux 9, including memory disclosure, denial of service, and several remote code execution flaws triggered by specially crafted image files in PCX, XPM, ANI, JP2, PSD, and PSP formats. These vulnerabilities could allow an attacker to execute arbitrary code or cause denial of service when processing malicious image files. Red Hat has issued an important security advisory (RHSA-2026:16484) addressing these issues with updated GIMP packages. The advisory covers Red Hat Enterprise Linux 9 on multiple architectures. Users are advised to apply the provided updates to remediate these vulnerabilities. No known exploits in the wild have been reported at this time.

Multiple security vulnerabilities have been identified in GIMP (GNU Image Manipulation Program) as packaged in Red Hat Enterprise Linux 9. These include memory disclosure, denial of service, and several remote code execution flaws triggered by specially crafted image files in PCX, XPM, ANI, JP2, PSD, and PSP formats. The vulnerabilities are rated as having an important security impact by Red Hat. An update addressing these issues is available for affected Red Hat Enterprise Linux 9 versions and architectures.

Multiple security vulnerabilities have been identified in GIMP 2. 8 as packaged for Red Hat Enterprise Linux 8, including memory disclosure, denial of service, and remote code execution via specially crafted image files (PCX, XPM, PSD, PSP). These issues are addressed in an important security update released by Red Hat. The vulnerabilities affect various Red Hat Enterprise Linux 8 variants and related packages. No known exploits in the wild have been reported. The update is available through Red Hat advisories and should be applied to affected systems to mitigate these risks.

Multiple security vulnerabilities have been identified in GIMP 2. 8 as packaged for Red Hat Enterprise Linux 8. 4, including memory disclosure, denial of service, and remote code execution via specially crafted image files (PCX, XPM, PSD, PSP). These vulnerabilities could allow an attacker to execute arbitrary code or cause a denial of service. Red Hat has issued an important security advisory (RHSA-2026:20552) addressing these issues with updated packages. The advisory covers four CVEs: CVE-2026-4887, CVE-2026-4154, CVE-2026-4150, and CVE-2026-4153. The update is available for affected Red Hat Enterprise Linux 8. 4 variants. No known exploits in the wild have been reported at this time.

Multiple security vulnerabilities have been identified in GIMP 2. 8 as packaged for Red Hat Enterprise Linux 8. 6, including memory disclosure, denial of service, and remote code execution via specially crafted image files (PCX, XPM, PSD, PSP). These issues affect image parsing components and could allow an attacker to execute arbitrary code or cause service disruption. Red Hat has issued an important security update addressing these vulnerabilities. No known exploits are reported in the wild at this time. The update is available for affected Red Hat Enterprise Linux 8. 6 variants and should be applied to mitigate the risks.

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).