CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-32468

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the BMPv3 RLE Decoding functionality. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted .bmp file that triggers a heap-based buffer overflow duri...

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

PT-2025-34618 · Unknown · Sail Image Decoding Library

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the BMPv3 Palette Decoding functionality. Loading a specially crafted .bmp file can cause an integer overflow, leading to a heap-based buffer overflow...

SAIL 安全漏洞

SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from an integer overflow in the BMPv3 palette decoding function that could lead to remote code execution...

PT-2025-34625 · Unknown · Sail Image Decoding Library

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the BMPv3 RLE Decoding functionality. A heap-based buffer overflow can occur when decompressing image data from a specially crafted .bmp file,...

SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2215 SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-46407 SUMMARY A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library...

SUSE-SU-2017:3441-1 Security update for gdk-pixbuf

This update for gdk-pixbuf provides the following fixes: - Add overflow checks when creating pixbuf structures in general - Fix arithmetic overflow in the BMP loader bsc1053417 - Adds support for BMPv3 with bitmasks bsc1053417...