Gentoo Linux Security Advisory 201603-1 - GIMP is vulnerable to multiple buffer overflows which could result in the execution of arbitrary code or Denial of Service. Versions less than 2.8.0 are affected.
2d937b6ac357f3db2174623be462148d061d7a88daeede1c70456a45ef12569f
There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host.
6bb8abc35df548c551fcf9ff102ee8db444b1e273993fe8a725e91885c36da04