Cyber Resilience

CVE-2023-44444

High

Published: 03 May 2024

Modified: 04 November 2025
KEV Added
Patch
CVSS Score v3: 7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.5179 (98.0th percentile)
Risk Priority: 47 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-44444 is a high-severity off-by-one error (CWE-193) vulnerability in GIMP. Its CVSS base score is 7.8 (High).

Operationally, it is ranked in the top 2.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

GIMP contains an off-by-one vulnerability in its PSP file parser that permits remote code execution on affected installations. The flaw occurs when the parser calculates a write location inside a heap buffer while processing specially crafted data inside a PSP image; successful exploitation grants arbitrary code execution in the context of the GIMP process. The issue was originally reported as ZDI-CAN-22097 and carries a CVSS 3.0 base score of 7.8.

An attacker can exploit the weakness by supplying a malicious PSP file that the victim must open, either directly or by visiting a page that delivers the file. No other privileges are required beyond the ability to induce the user to open the crafted image, after which the attacker gains code execution under the privileges of the running GIMP instance.

The GIMP 2.10.36 release notes and the corresponding Zero Day Initiative advisory ZDI-23-1591 indicate that the vulnerability is resolved in that version; Debian subsequently included the fix in its LTS updates. The EPSS score has remained at 0.5179 since disclosure with no material increase observed.

Vulnerability details

GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22097.

CWE(s)

CWE-193 (Off-by-one Error)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

gimp
gimp
≤ 2.10.36

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.