{"id":"CVE-2017-17789","details":"In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.","modified":"2026-04-16T01:43:52.327759833Z","published":"2017-12-20T09:29:01.427Z","related":["SUSE-SU-2020:2603-1","SUSE-SU-2020:2604-1","openSUSE-SU-2020:1420-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","extracted_events":[{"last_affected":"14.04"}],"source":"CPE_FIELD"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"9.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"}]},"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102898"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3539-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4077"},{"type":"FIX","url":"https://bugzilla.gnome.org/show_bug.cgi?id=790849"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/gimp","events":[{"introduced":"0"},{"last_affected":"e39a4e12039a255f29d7cf79365190f01c5f37aa"}],"database_specific":{"cpe":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2.8.22"}],"source":"CPE_FIELD"}}],"versions":["BASE_ZERO","BEFORE_GIMAGE_IS_FLAT_REMOVAL","BEFORE_MATTS_CRAZY_TOOL_PATCH","BEFORE_TILE_MADNESS","FOR_PANEL","GIMP_0_99_16","GIMP_0_99_17","GIMP_0_99_18","GIMP_0_99_19","GIMP_0_99_20","GIMP_0_99_21","GIMP_0_99_22","GIMP_0_99_23","GIMP_0_99_24","GIMP_0_99_25","GIMP_0_99_27","GIMP_0_99_28","GIMP_0_99_29","GIMP_19990910","GIMP_1_0_0","GIMP_1_1_0","GIMP_1_1_1","GIMP_1_1_10","GIMP_1_1_11","GIMP_1_1_12","GIMP_1_1_13","GIMP_1_1_14","GIMP_1_1_15","GIMP_1_1_16","GIMP_1_1_17","GIMP_1_1_18","GIMP_1_1_19","GIMP_1_1_2","GIMP_1_1_20","GIMP_1_1_21","GIMP_1_1_22","GIMP_1_1_23","GIMP_1_1_24","GIMP_1_1_25","GIMP_1_1_26","GIMP_1_1_27","GIMP_1_1_28","GIMP_1_1_29","GIMP_1_1_3","GIMP_1_1_30","GIMP_1_1_31","GIMP_1_1_32","GIMP_1_1_4","GIMP_1_1_5","GIMP_1_1_6","GIMP_1_1_7","GIMP_1_1_8","GIMP_1_1_9","GIMP_1_2_0","GIMP_1_3_0","GIMP_1_3_1","GIMP_1_3_10","GIMP_1_3_11","GIMP_1_3_12","GIMP_1_3_13","GIMP_1_3_14","GIMP_1_3_15","GIMP_1_3_16","GIMP_1_3_17","GIMP_1_3_18","GIMP_1_3_19","GIMP_1_3_2","GIMP_1_3_20","GIMP_1_3_21","GIMP_1_3_22","GIMP_1_3_23","GIMP_1_3_24","GIMP_1_3_25","GIMP_1_3_26","GIMP_1_3_27","GIMP_1_3_3","GIMP_1_3_4","GIMP_1_3_5","GIMP_1_3_6","GIMP_1_3_7","GIMP_1_3_8","GIMP_1_3_9","GIMP_2_0_0","GIMP_2_0_1","GIMP_2_0_RC1","GIMP_2_1_0","GIMP_2_1_1","GIMP_2_1_2","GIMP_2_1_3","GIMP_2_1_4","GIMP_2_1_5","GIMP_2_1_6","GIMP_2_1_7","GIMP_2_2_0","GIMP_2_2_1","GIMP_2_2_PRE1","GIMP_2_2_PRE2","GIMP_2_3_0","GIMP_2_3_1","GIMP_2_3_10","GIMP_2_3_11","GIMP_2_3_12","GIMP_2_3_13","GIMP_2_3_14","GIMP_2_3_16","GIMP_2_3_17","GIMP_2_3_18","GIMP_2_3_19","GIMP_2_3_2","GIMP_2_3_3","GIMP_2_3_4","GIMP_2_3_5","GIMP_2_3_6","GIMP_2_3_7","GIMP_2_3_8","GIMP_2_3_9","GIMP_2_4_0_RC1","GIMP_2_4_0_RC2","GIMP_2_4_0_RC3","GIMP_2_4_1","GIMP_2_5_0","GIMP_2_5_1","GIMP_2_5_2","GIMP_2_5_3","GIMP_2_5_4","GIMP_2_6_0","GIMP_2_6_1","GIMP_2_7_1","GIMP_2_7_2","GIMP_2_7_3","GIMP_2_7_4","GIMP_2_7_5","GIMP_2_8_0","GIMP_2_8_0_RC1","GIMP_2_8_10","GIMP_2_8_12","GIMP_2_8_14","GIMP_2_8_16","GIMP_2_8_18","GIMP_2_8_2","GIMP_2_8_20","GIMP_2_8_22","GIMP_2_8_4","GIMP_2_8_6","GIMP_2_8_8","GIMP_BEFORE_GTK_2_0","GNOME_2_4_BRANCHPOINT","GNOME_BASE","GNOME_PRINT_0_24","LIBRSVG_2_1_1","LIBRSVG_2_1_2","LIBRSVG_2_1_3","LIBRSVG_2_1_4","LIBRSVG_2_1_5","LIBRSVG_2_2_0","NEEDS_GIMP_2_3_10","PROJECT_SUNLIGHT_ANCHOR","ROSALIA_BEFORE_COMMITTING_DL_AND_GNOME_HELLO","SCRIPT_FU_BEFORE_TINYSCHEME","SCRIPT_FU_MERGE","SNAP_19971121","TINY_FU_0_9_3","TINY_FU_0_9_4","TINY_FU_0_9_5","TINY_FU_0_9_6","TINY_FU_0_9_7","TINY_FU_0_9_8","TINY_FU_1_0_0","TINY_FU_1_0_1","TINY_FU_1_0_RC1","TINY_FU_1_1_0","gimp","release-2-2-4","release-2-2-5","release-2-3-0","release-2-4-0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-17789.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}