PT-2025-25422 · Gimp+4

Published 2025-01-01 · Updated 2026-04-13 · CVE-2025-6035

CVSS v3.1: 6.1 Medium

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions

GIMP (affected versions not specified)

Description

A flaw was found in GIMP, specifically an integer overflow vulnerability in the "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
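
The bug class named in the description, shown as an added example: an unchecked 32-bit size computation beside a checked one that refuses oversized images before allocating. This is not GIMP's plug-in code; the function names, the `MAX_BUF_BYTES` ceiling and the sample dimensions are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed policy ceiling for one pixel buffer (an assumption, not a GIMP limit). */
#define MAX_BUF_BYTES ((size_t)1 << 30)

/* Unchecked pattern: the product is computed in 32-bit arithmetic and wraps
 * silently, so the result can be far smaller than the bytes later written. */
static uint32_t unchecked_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked pattern: validate each factor by division before multiplying.
 * Returns 1 and stores the byte count in *out, or 0 if the image is rejected. */
static int checked_size(uint32_t width, uint32_t height, uint32_t bpp,
                        size_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return 0;
    if (width > MAX_BUF_BYTES / bpp)        /* width * bpp would exceed the ceiling */
        return 0;

    size_t row = (size_t)width * bpp;       /* safe: bounded by MAX_BUF_BYTES */
    if (height > MAX_BUF_BYTES / row)       /* row * height would exceed the ceiling */
        return 0;
    *out = row * height;
    return 1;
}

/* Allocate a zeroed pixel buffer only when the size passed the checks. */
static void *alloc_pixels(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t n;
    return checked_size(width, height, bpp, &n) ? calloc(1, n) : NULL;
}

int main(void)
{
    /* Constructed dimensions whose true size (4295098368 bytes) exceeds 2^32. */
    uint32_t w = 32769, h = 32768, bpp = 4;
    size_t n = 0;
    printf("unchecked 32-bit size: %u\n", (unsigned)unchecked_size(w, h, bpp));
    printf("checked size accepted: %d\n", checked_size(w, h, bpp, &n));
    return 0;
}
```

With these dimensions the unchecked product wraps to 131072 bytes, which is the undersized allocation the description refers to; the checked version rejects the image instead.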

DoS

Memory Corruption

Integer Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-10732
CVE-2025-6035
DLA-4342-1
DSA-6043-1
OESA-2025-1832
OESA-2025-1833
OESA-2025-1834
OESA-2026-1208
SUSE-SU-2025:02367-1
USN-8082-1

Affected Products

Debian
Gimp
Linuxmint
Red Os
Ubuntu