Skip to main content
Early Access
— Mondoo Vulnerability Intelligence is currently in preview.
Vulnerability Intelligence
Login
Get Demo
ELSA-2025-22866 | Mondoo Vulnerability Intelligence
Back to search
ELSA-2025-22866
UNKNOWN
ELSA-2025-22866: gimp security update (IMPORTANT)
Published Dec 18, 2025
Modified 4 weeks ago
Fix available
Details
[2:2.22-1.0.5]
Fixes CVE-2025-10922 and CVE-2025-10934 [Orabug: 38739185]
[2:2.8.22-1.0.3]
Fixes CVE-2025-5473 (GIMP ICO File Parsing Integer Overflow) [Orabug: 38110877]
Fixes CVE-2025-48797 (Multiple heap buffer overflows in TGA parser)
Fixes CVE-2025-48798 (Multiple use after free in XCF parser)
Affected Packages
OracleLinux:7
gimp
Fixed in:
2:2.8.22-1.0.5.el7
OracleLinux:7
gimp-devel
Fixed in:
2:2.8.22-1.0.5.el7
OracleLinux:7
gimp-devel-tools
Fixed in:
2:2.8.22-1.0.5.el7
OracleLinux:7
gimp-libs
Fixed in:
2:2.8.22-1.0.5.el7
Related
CVE-2025-10922
CVE-2025-10934
Ecosystems
OracleLinux 7
Timeline
Published
Dec 18, 2025
Modified
Dec 18, 2025