CVE-2025-48798

Published: May 27, 2025

Modified: Nov 6, 2025

PUBLISHED

CVSS v3.1

7.3

HIGH

Description

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

Vendor	Product	Versions
Unknown	gimp	affected `0 - < 3.0.0`
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	unaffected `2:2.8.22-1.el7_9.2 - < *`
Red Hat	Red Hat Enterprise Linux 8	unaffected `8100020250614205641.4c9c024f - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	unaffected `8020020250618101631.c3a0935b - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	unaffected `8040020250618100956.70584597 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	unaffected `8060020250618100419.6af1eaf0 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	unaffected `8060020250618100419.6af1eaf0 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	unaffected `8060020250618100419.6af1eaf0 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	unaffected `8080020250623120629.0621e4ee - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	unaffected `8080020250623120629.0621e4ee - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `2:2.99.8-4.el9_6.2 - < *`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	unaffected `2:2.99.8-3.el9_0.1 - < *`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	unaffected `2:2.99.8-4.el9_2.1 - < *`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	unaffected `2:2.99.8-4.el9_4.1 - < *`
Red Hat	Red Hat Enterprise Linux 6	All versions