SecTeer VulnDetect Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Register
    • Login

    [Solved] GIMP - 2.10.4 - Possible False Positive

    Solved Detection Issues
    3
    7
    2.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      Zian
      last edited by OLLI_S

      https://www.gimp.org/downloads/ says that the current stable release is "2.10.4" but CARMA shows the application as "Unsafe" while indicating that the installed version is "2.10.4".

      1 Reply Last reply Reply Quote 0
      • OLLI_SO
        OLLI_S Community Moderator
        last edited by

        Then I mark it as solved.

        1 Reply Last reply Reply Quote 0
        • T
          Tom VulnDetect Team Member @OLLI_S
          last edited by

          @OLLI_S
          Yes

          /Tom
          Download the latest SecTeer VulnDetect agent here:
          https://vulndetect.com/dl/secteerSetup.exe

          1 Reply Last reply Reply Quote 0
          • OLLI_SO
            OLLI_S Community Moderator
            last edited by

            So is this issue fixed now?

            T 1 Reply Last reply Reply Quote 0
            • T
              Tom VulnDetect Team Member
              last edited by

              We found evidence that this is indeed fixed, state has been updated to reflect this

              /Tom
              Download the latest SecTeer VulnDetect agent here:
              https://vulndetect.com/dl/secteerSetup.exe

              1 Reply Last reply Reply Quote 0
              • OLLI_SO
                OLLI_S Community Moderator
                last edited by OLLI_S

                @Zian There are two suggestions in this forum related to such issues:

                • Show Reason for Unsafe Status
                • New Status "Outdated" (for non-security updates)

                Feel free to comment and vote on those suggestions.

                1 Reply Last reply Reply Quote 0
                • T
                  Tom VulnDetect Team Member
                  last edited by

                  Hi Zian,
                  Thanks for reporting this.
                  This is a known issue, if you read this post:
                  https://vulndetect.org/post/1310

                  However, GIMP seems to be vulnerable to this old vuln:
CVE-2017-17789 in file-psp.exe
There is no immediate announcements or entries in the changelog about this being fixed.

                  As soon as we get some pointer to a changelog or other statement about this being fixed in a specific version, then we will update the rules to reflect this.

                  /Tom
                  Download the latest SecTeer VulnDetect agent here:
                  https://vulndetect.com/dl/secteerSetup.exe

                  1 Reply Last reply Reply Quote 1
                  • First post
                    Last post
                  Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                  Please see our Privacy and Data Processing Policy
                  Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                  Forum software by NodeBB