{"id":"CVE-2023-44442","summary":"GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","details":"GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-CAN-22094.","modified":"2026-05-18T05:56:45.204254043Z","published":"2024-05-03T02:14:05.940Z","related":["ALSA-2024:0675","ALSA-2024:0861","ALSA-2025:0746","ALSA-2025:3617","ALSA-2025:7417","SUSE-SU-2023:4692-1","SUSE-SU-2023:4697-1"],"database_specific":{"cwe_ids":["CWE-122"],"cna_assigner":"zdi","unresolved_ranges":[{"extracted_events":[{"last_affected":"GIMP 2.10.34 (revision 2)"}],"source":"AFFECTED_FIELD"}],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/44xxx/CVE-2023-44442.json"},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00015.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/44xxx/CVE-2023-44442.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44442"},{"type":"ADVISORY","url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/"},{"type":"ADVISORY","url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1594/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/gimp","events":[{"introduced":"0"},{"fixed":"1651e6e767965cf055e05d13e075095d226f1c66"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"2.10.36"}],"cpe":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["GIMP_2_10_34","GIMP_2_10_32","GIMP_2_10_30","GIMP_2_10_28","GIMP_2_10_26","GIMP_2_10_24","GIMP_2_10_22","GIMP_2_10_20","GIMP_2_10_18","GIMP_2_10_16","GIMP_2_10_14","GIMP_2_10_12","GIMP_2_10_10","GIMP_2_10_8","GIMP_2_10_6","GIMP_2_10_4","GIMP_2_10_2","GIMP_2_10_0","GIMP_2_10_0_RC2","GIMP_2_10_0_RC1","GIMP_2_9_8","GIMP_2_9_6","GIMP_2_9_2","soc-2012-unified-transform-after-gsoc","soc-2012-unified-transform-before-gsoc","GIMP_2_8_0","GIMP_2_8_0_RC1","GIMP_2_7_5","GIMP_2_7_4","GIMP_2_7_3","GIMP_2_7_2","GIMP_2_7_1","GIMP_2_6_1","GIMP_2_6_0","GIMP_2_5_4","GIMP_2_5_3","GIMP_2_5_2","GIMP_2_5_1","GIMP_2_5_0","GIMP_2_4_1","GIMP_2_4_0_RC3","GIMP_2_4_0_RC2","GIMP_2_4_0_RC1","GIMP_2_3_19","GIMP_2_3_18","GIMP_2_3_17","GIMP_2_3_16","GIMP_2_3_14","SCRIPT_FU_MERGE","GIMP_2_3_13","GIMP_2_3_12","SCRIPT_FU_BEFORE_TINYSCHEME","TINY_FU_1_1_0","GIMP_2_3_11","gimp","GIMP_2_3_10","GIMP_2_3_9","NEEDS_GIMP_2_3_10","TINY_FU_1_0_RC1","TINY_FU_1_0_1","TINY_FU_1_0_0","GIMP_2_3_8","GIMP_2_3_7","GIMP_2_3_6","GIMP_2_3_5","GIMP_2_3_4","GIMP_2_3_3","GIMP_2_3_2","GIMP_2_3_1","GIMP_2_3_0","TINY_FU_0_9_8","TINY_FU_0_9_7","GIMP_2_2_1","GIMP_2_2_0","TINY_FU_0_9_6","GIMP_2_2_PRE2","GIMP_2_2_PRE1","TINY_FU_0_9_5","GIMP_2_1_7","TINY_FU_0_9_4","TINY_FU_0_9_3","GIMP_2_1_6","GIMP_2_1_5","GIMP_2_1_4","GIMP_2_1_3","GIMP_2_1_2","GIMP_2_1_1","GIMP_2_1_0","GIMP_2_0_1","GIMP_2_0_0","GIMP_2_0_RC1","GIMP_1_3_27","GIMP_1_3_26","GIMP_1_3_25","GIMP_1_3_24","GIMP_1_3_23","GIMP_1_3_22","GIMP_1_3_21","GIMP_1_3_20","GIMP_1_3_19","GIMP_1_3_18","GNOME_2_4_BRANCHPOINT","release-2-4-0","GIMP_1_3_17","GIMP_1_3_16","GIMP_1_3_15","GIMP_1_3_14","release-2-3-0","GIMP_1_3_13","release-2-2-5","GIMP_1_3_12","release-2-2-4","LIBRSVG_2_2_0","LIBRSVG_2_1_5","LIBRSVG_2_1_4","GIMP_1_3_11","GIMP_1_3_10","GIMP_1_3_9","LIBRSVG_2_1_3","LIBRSVG_2_1_2","LIBRSVG_2_1_1","GIMP_1_3_8","GIMP_1_3_7","GIMP_1_3_6","GIMP_1_3_5","GIMP_1_3_4","GIMP_1_3_3","GIMP_1_3_2","GIMP_1_3_1","GIMP_1_3_0","GIMP_BEFORE_GTK_2_0","GIMP_1_2_0","GIMP_1_1_32","GIMP_1_1_31","GIMP_1_1_30","GIMP_1_1_29","GIMP_1_1_28","GIMP_1_1_27","GNOME_PRINT_0_24","GIMP_1_1_26","GIMP_1_1_25","GIMP_1_1_24","GIMP_1_1_23","GIMP_1_1_22","GIMP_1_1_21","GIMP_1_1_20","GIMP_1_1_19","GIMP_1_1_18","GIMP_1_1_17","GIMP_1_1_16","GIMP_1_1_15","GIMP_1_1_14","GIMP_1_1_13","GIMP_1_1_12","GIMP_1_1_11","GIMP_1_1_10","GIMP_19990910","GIMP_1_1_9","GIMP_1_1_8","GIMP_1_1_7","PROJECT_SUNLIGHT_ANCHOR","GIMP_1_1_6","GIMP_1_1_5","FOR_PANEL","GIMP_1_1_4","GIMP_1_1_3","GIMP_1_1_2","GIMP_1_1_1","GIMP_1_1_0","BEFORE_GIMAGE_IS_FLAT_REMOVAL","BEFORE_TILE_MADNESS","GIMP_1_0_0","GNOME_BASE","GIMP_0_99_29","GIMP_0_99_28","GIMP_0_99_27","GIMP_0_99_25","GIMP_0_99_24","BEFORE_MATTS_CRAZY_TOOL_PATCH","GIMP_0_99_23","GIMP_0_99_22","GIMP_0_99_21","GIMP_0_99_20","GIMP_0_99_19","ROSALIA_BEFORE_COMMITTING_DL_AND_GNOME_HELLO","GIMP_0_99_18","BASE_ZERO","GIMP_0_99_17","GIMP_0_99_16","SNAP_19971121"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-44442.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/gnome/gimp","events":[{"introduced":"0"},{"fixed":"1651e6e767965cf055e05d13e075095d226f1c66"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"2.10.36"}],"cpe":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["GIMP_2_10_34","GIMP_2_10_32","GIMP_2_10_30","GIMP_2_10_28","GIMP_2_10_26","GIMP_2_10_24","GIMP_2_10_22","GIMP_2_10_20","GIMP_2_10_18","GIMP_2_10_16","GIMP_2_10_14","GIMP_2_10_12","GIMP_2_10_10","GIMP_2_10_8","GIMP_2_10_6","GIMP_2_10_4","GIMP_2_10_2","GIMP_2_10_0","GIMP_2_10_0_RC2","GIMP_2_10_0_RC1","GIMP_2_9_8","GIMP_2_9_6","GIMP_2_9_2","soc-2012-unified-transform-after-gsoc","soc-2012-unified-transform-before-gsoc","GIMP_2_8_0","GIMP_2_8_0_RC1","GIMP_2_7_5","GIMP_2_7_4","GIMP_2_7_3","GIMP_2_7_2","GIMP_2_7_1","GIMP_2_6_1","GIMP_2_6_0","GIMP_2_5_4","GIMP_2_5_3","GIMP_2_5_2","GIMP_2_5_1","GIMP_2_5_0","GIMP_2_4_1","GIMP_2_4_0_RC3","GIMP_2_4_0_RC2","GIMP_2_4_0_RC1","GIMP_2_3_19","GIMP_2_3_18","GIMP_2_3_17","GIMP_2_3_16","GIMP_2_3_14","SCRIPT_FU_MERGE","GIMP_2_3_13","GIMP_2_3_12","SCRIPT_FU_BEFORE_TINYSCHEME","TINY_FU_1_1_0","GIMP_2_3_11","gimp","GIMP_2_3_10","GIMP_2_3_9","NEEDS_GIMP_2_3_10","TINY_FU_1_0_RC1","TINY_FU_1_0_1","TINY_FU_1_0_0","GIMP_2_3_8","GIMP_2_3_7","GIMP_2_3_6","GIMP_2_3_5","GIMP_2_3_4","GIMP_2_3_3","GIMP_2_3_2","GIMP_2_3_1","GIMP_2_3_0","TINY_FU_0_9_8","TINY_FU_0_9_7","GIMP_2_2_1","GIMP_2_2_0","TINY_FU_0_9_6","GIMP_2_2_PRE2","GIMP_2_2_PRE1","TINY_FU_0_9_5","GIMP_2_1_7","TINY_FU_0_9_4","TINY_FU_0_9_3","GIMP_2_1_6","GIMP_2_1_5","GIMP_2_1_4","GIMP_2_1_3","GIMP_2_1_2","GIMP_2_1_1","GIMP_2_1_0","GIMP_2_0_1","GIMP_2_0_0","GIMP_2_0_RC1","GIMP_1_3_27","GIMP_1_3_26","GIMP_1_3_25","GIMP_1_3_24","GIMP_1_3_23","GIMP_1_3_22","GIMP_1_3_21","GIMP_1_3_20","GIMP_1_3_19","GIMP_1_3_18","GNOME_2_4_BRANCHPOINT","release-2-4-0","GIMP_1_3_17","GIMP_1_3_16","GIMP_1_3_15","GIMP_1_3_14","release-2-3-0","GIMP_1_3_13","release-2-2-5","GIMP_1_3_12","release-2-2-4","LIBRSVG_2_2_0","LIBRSVG_2_1_5","LIBRSVG_2_1_4","GIMP_1_3_11","GIMP_1_3_10","GIMP_1_3_9","LIBRSVG_2_1_3","LIBRSVG_2_1_2","LIBRSVG_2_1_1","GIMP_1_3_8","GIMP_1_3_7","GIMP_1_3_6","GIMP_1_3_5","GIMP_1_3_4","GIMP_1_3_3","GIMP_1_3_2","GIMP_1_3_1","GIMP_1_3_0","GIMP_BEFORE_GTK_2_0","GIMP_1_2_0","GIMP_1_1_32","GIMP_1_1_31","GIMP_1_1_30","GIMP_1_1_29","GIMP_1_1_28","GIMP_1_1_27","GNOME_PRINT_0_24","GIMP_1_1_26","GIMP_1_1_25","GIMP_1_1_24","GIMP_1_1_23","GIMP_1_1_22","GIMP_1_1_21","GIMP_1_1_20","GIMP_1_1_19","GIMP_1_1_18","GIMP_1_1_17","GIMP_1_1_16","GIMP_1_1_15","GIMP_1_1_14","GIMP_1_1_13","GIMP_1_1_12","GIMP_1_1_11","GIMP_1_1_10","GIMP_19990910","GIMP_1_1_9","GIMP_1_1_8","GIMP_1_1_7","PROJECT_SUNLIGHT_ANCHOR","GIMP_1_1_6","GIMP_1_1_5","FOR_PANEL","GIMP_1_1_4","GIMP_1_1_3","GIMP_1_1_2","GIMP_1_1_1","GIMP_1_1_0","BEFORE_GIMAGE_IS_FLAT_REMOVAL","BEFORE_TILE_MADNESS","GIMP_1_0_0","GNOME_BASE","GIMP_0_99_29","GIMP_0_99_28","GIMP_0_99_27","GIMP_0_99_25","GIMP_0_99_24","BEFORE_MATTS_CRAZY_TOOL_PATCH","GIMP_0_99_23","GIMP_0_99_22","GIMP_0_99_21","GIMP_0_99_20","GIMP_0_99_19","ROSALIA_BEFORE_COMMITTING_DL_AND_GNOME_HELLO","GIMP_0_99_18","BASE_ZERO","GIMP_0_99_17","GIMP_0_99_16","SNAP_19971121"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-44442.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}