CVE-2025-48797

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-48797
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-48797.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-48797
Downstream
Related
Published
2025-05-27T14:04:57.389Z
Modified
2026-05-18T05:59:32.971691939Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Gimp: multiple heap buffer overflows in tga parser
Details

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.

Database specific 
{
    "cwe_ids": [
        "CWE-122"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/48xxx/CVE-2025-48797.json",
    "cna_assigner": "redhat"
}
References

Affected packages

Git / gitlab.gnome.org/gnome/gimp

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/gnome/gimp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9785099e5a0dcdc3011dd26c6c2e9b332d36c035
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.0.0"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

Other
BASE_ZERO
BEFORE_GIMAGE_IS_FLAT_REMOVAL
BEFORE_MATTS_CRAZY_TOOL_PATCH
BEFORE_TILE_MADNESS
FOR_PANEL
GIMP_0_99_16
GIMP_0_99_17
GIMP_0_99_18
GIMP_0_99_19
GIMP_0_99_20
GIMP_0_99_21
GIMP_0_99_22
GIMP_0_99_23
GIMP_0_99_24
GIMP_0_99_25
GIMP_0_99_27
GIMP_0_99_28
GIMP_0_99_29
GIMP_19990910
GIMP_1_0_0
GIMP_1_1_0
GIMP_1_1_1
GIMP_1_1_10
GIMP_1_1_11
GIMP_1_1_12
GIMP_1_1_13
GIMP_1_1_14
GIMP_1_1_15
GIMP_1_1_16
GIMP_1_1_17
GIMP_1_1_18
GIMP_1_1_19
GIMP_1_1_2
GIMP_1_1_20
GIMP_1_1_21
GIMP_1_1_22
GIMP_1_1_23
GIMP_1_1_24
GIMP_1_1_25
GIMP_1_1_26
GIMP_1_1_27
GIMP_1_1_28
GIMP_1_1_29
GIMP_1_1_3
GIMP_1_1_30
GIMP_1_1_31
GIMP_1_1_32
GIMP_1_1_4
GIMP_1_1_5
GIMP_1_1_6
GIMP_1_1_7
GIMP_1_1_8
GIMP_1_1_9
GIMP_1_2_0
GIMP_1_3_0
GIMP_1_3_1
GIMP_1_3_10
GIMP_1_3_11
GIMP_1_3_12
GIMP_1_3_13
GIMP_1_3_14
GIMP_1_3_15
GIMP_1_3_16
GIMP_1_3_17
GIMP_1_3_18
GIMP_1_3_19
GIMP_1_3_2
GIMP_1_3_20
GIMP_1_3_21
GIMP_1_3_22
GIMP_1_3_23
GIMP_1_3_24
GIMP_1_3_25
GIMP_1_3_26
GIMP_1_3_27
GIMP_1_3_3
GIMP_1_3_4
GIMP_1_3_5
GIMP_1_3_6
GIMP_1_3_7
GIMP_1_3_8
GIMP_1_3_9
GIMP_2_0_0
GIMP_2_0_1
GIMP_2_0_RC1
GIMP_2_10_0
GIMP_2_10_0_RC1
GIMP_2_10_0_RC2
GIMP_2_10_2
GIMP_2_1_0
GIMP_2_1_1
GIMP_2_1_2
GIMP_2_1_3
GIMP_2_1_4
GIMP_2_1_5
GIMP_2_1_6
GIMP_2_1_7
GIMP_2_2_0
GIMP_2_2_1
GIMP_2_2_PRE1
GIMP_2_2_PRE2
GIMP_2_3_0
GIMP_2_3_1
GIMP_2_3_10
GIMP_2_3_11
GIMP_2_3_12
GIMP_2_3_13
GIMP_2_3_14
GIMP_2_3_16
GIMP_2_3_17
GIMP_2_3_18
GIMP_2_3_19
GIMP_2_3_2
GIMP_2_3_3
GIMP_2_3_4
GIMP_2_3_5
GIMP_2_3_6
GIMP_2_3_7
GIMP_2_3_8
GIMP_2_3_9
GIMP_2_4_0_RC1
GIMP_2_4_0_RC2
GIMP_2_4_0_RC3
GIMP_2_4_1
GIMP_2_5_0
GIMP_2_5_1
GIMP_2_5_2
GIMP_2_5_3
GIMP_2_5_4
GIMP_2_6_0
GIMP_2_6_1
GIMP_2_7_1
GIMP_2_7_2
GIMP_2_7_3
GIMP_2_7_4
GIMP_2_7_5
GIMP_2_8_0
GIMP_2_8_0_RC1
GIMP_2_99_10
GIMP_2_99_12
GIMP_2_99_14
GIMP_2_99_16
GIMP_2_99_18
GIMP_2_99_2
GIMP_2_99_4
GIMP_2_99_6
GIMP_2_99_8
GIMP_2_9_2
GIMP_2_9_6
GIMP_2_9_8
GIMP_3_0_0_RC1
GIMP_3_0_0_RC2
GIMP_3_0_0_RC3
GIMP_BEFORE_GTK_2_0
GNOME_2_4_BRANCHPOINT
GNOME_BASE
GNOME_PRINT_0_24
LIBRSVG_2_1_1
LIBRSVG_2_1_2
LIBRSVG_2_1_3
LIBRSVG_2_1_4
LIBRSVG_2_1_5
LIBRSVG_2_2_0
NEEDS_GIMP_2_3_10
PROJECT_SUNLIGHT_ANCHOR
ROSALIA_BEFORE_COMMITTING_DL_AND_GNOME_HELLO
SCRIPT_FU_BEFORE_TINYSCHEME
SCRIPT_FU_MERGE
SNAP_19971121
TINY_FU_0_9_3
TINY_FU_0_9_4
TINY_FU_0_9_5
TINY_FU_0_9_6
TINY_FU_0_9_7
TINY_FU_0_9_8
TINY_FU_1_0_0
TINY_FU_1_0_1
TINY_FU_1_0_RC1
TINY_FU_1_1_0
gimp
release-2-2-4
release-2-2-5
release-2-3-0
release-2-4-0
soc-2012-unified-transform-after-gsoc
soc-2012-unified-transform-before-gsoc

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-48797.json"