Integer Overflow Vulnerability in GIMP Despeckle Plug-in by GIMP Development Team
CVE-2025-6035

6.6MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9
Vendor: CVE Published:; 13 June 2025

What is CVE-2025-6035?

An integer overflow vulnerability in the GIMP Despeckle plug-in arises from the unchecked multiplication of image dimensions, including width, height, and bytes-per-pixel. This flaw can result in insufficient memory allocation, leading to out-of-bounds writes. Consequently, the vulnerability presents risks of heap corruption, which may cause denial of service (DoS) incidents or allow for arbitrary code execution under certain circumstances.

References

https://access.redhat.com/security/cve/CVE-2025-6035

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2372515

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2025
Vulnerability Reserved
Jun 12, 2025

Red Hat

What is CVE-2025-6035?

References

CVSS V3.1

Timeline