The changes to the back-end had a significant impact on the results in the CARMA.

This has been fixed, but it requires a new inspection, before the results are updated.

We have a bit of a backlog on rules, so the state of certain products, including Adobe and Microsoft products, is not accurate. This will be fixed soon.

Our primary focus now is to prepare the release of the VulnDetect.

@olli_s No, I don't see the icons.
I got them direct from the app itself.

@olli_s This may be because of the changes we are making. Let's review this after we launched VulnDetect.

@olli_s I think this is a decision that needs to be made on a per app basis, depending on the discrepancy between the two.
In most cases I suppose we want this, however, part of the new rules and back-end is support for pulling information from the registry and in some cases we can get it automatically from the registry.
But when you suggest new software, it is always nice to get, because then I know what to look for when creating the first rules.

Hi Zian,
Thanks for reporting this.
This is a known issue, if you read this post:
https://vulndetect.org/post/1310

However, GIMP seems to be vulnerable to this old vuln:
CVE-2017-17789 in file-psp.exe
There is no immediate announcements or entries in the changelog about this being fixed.

As soon as we get some pointer to a changelog or other statement about this being fixed in a specific version, then we will update the rules to reflect this.