Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-6035

Опубликовано: 13 июн. 2025
Источник: nvd
CVSS3: 5.5
CVSS3: 7.8
EPSS Низкий

Описание

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:gimp:gimp:2.8.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 4%
0.00018
Низкий

5.5 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-190
CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2025-6035

CVSS3: 5.5
ubuntu
6 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

redhat логотип

CVE-2025-6035

CVSS3: 6.6
redhat
6 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

debian логотип

CVE-2025-6035

CVSS3: 5.5
debian
6 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in ...

suse-cvrf логотип

SUSE-SU-2025:02367-1

suse-cvrf
5 месяцев назад

Security update for gimp

github логотип

GHSA-h5rp-69cv-hv5v

CVSS3: 6.6
github
6 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

EPSS

Процентиль: 4%
0.00018
Низкий

5.5 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-190
CWE-190