Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-6035

Опубликовано: 13 июн. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.6

Описание

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

РелизСтатусПримечание
devel

not-affected

3.0.4-2
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

jammy

needs-triage

noble

needs-triage

oracular

ignored

end of life, was needs-triage
plucky

needs-triage

Показывать по

EPSS

Процентиль: 2%
0.00017
Низкий

6.6 Medium

CVSS3

Связанные уязвимости

CVSS3: 6.6
redhat
около 2 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

CVSS3: 6.6
nvd
около 2 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

CVSS3: 6.6
debian
около 2 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in ...

suse-cvrf
19 дней назад

Security update for gimp

CVSS3: 6.6
github
около 2 месяцев назад

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

EPSS

Процентиль: 2%
0.00017
Низкий

6.6 Medium

CVSS3