GitLab

Hi Team,

https://github.com/GNOME/gimp/blob/master/plug-ins/gfig/gfig-dialog.c#L1888

i.e

if (access (filename, W_OK))

This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition

Set up the correct permissions (e.g., using setuid()) and try to open the file directly.

Request team to have a look and validate the same.

Cheers, Dhiraj