ELA-1656-1 gimp security update

denial of service or potentially execution of arbitrary code

2026-03-14
Package: gimp
Version: 2.8.18-1+deb9u9 (stretch), 2.10.8-2+deb10u8 (buster)
Related CVEs: CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2048


Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed XWD, ICNS, PGM or ICO files are opened.



For Debian 10 buster, these problems have been fixed in version 2.10.8-2+deb10u8.

For Debian 9 stretch, these problems have been fixed in version 2.8.18-1+deb9u9.

We recommend that you upgrade your gimp packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.