VDB

DEBIAN-CVE-2012-4245

DEBIAN-CVE-2012-4245 REJECTED CVSS 9.300000190734863 CRITICAL

The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.

Risk Scores

CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
Debian:13gimp3.0.4-3, 3.0.4-3, 3.0.4-4
Debian:14gimp3.0.4-6.2, 3.0.4-5, 3.0.4-4
Debian:11gimp2.10.22-4, 2.10.22-4+deb11u4, 2.10.24-1
Debian:12gimp3.0.0-1, 3.0.0-2, 3.0.0

Timeline

  • Jan 5, 2026 CVE Rejected

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›