In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.
2.8.10-0ubuntu12.8.10-0ubuntu1.12.8.6-1ubuntu12.8.6-1ubuntu22.8.6-1ubuntu32.8.10-0ubuntu1.22.8.14-1.2ubuntu12.8.14-1ubuntu22.8.16-1ubuntu12.8.16-1ubuntu1.12.8.20-12.8.20-1.12.8.20-22.8.22-1Exploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H