Lucene search
K
LibsdlSdl Image

13 matches found

CVE
CVE
added 2018/04/10 9:0 p.m.104 views

CVE-2018-3839

CVE-2018-3839 is an exploitable code execution in SDL2_image-2.0.2’s XCF image rendering. A specially crafted XCF image can cause an out-of-bounds write on the heap, enabling remote code execution when the image is processed. Multiple connected advisories confirm the issue and indicate fixes in S...

8.8CVSS8.7AI score0.02598EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.96 views

CVE-2017-12122

The CVE-2017-12122 entry concerns SDL2_image-2.0.2: an exploitable heap overflow in the ILBM image rendering path that can lead to code execution when a specially crafted ILBM image is displayed. Public documents confirm impact on SDL2_image and related packages (e.g., Debian, Gentoo GLSA), with ...

8.8CVSS8.7AI score0.02395EPSS
CVE
CVE
added 2018/11/01 3:0 p.m.96 views

CVE-2018-3977

CVE-2018-3977 is an exploitable heap overflow in the SDL2_image library’s XCF image handling (IMG_xcf.c) that can lead to remote code execution when processing a crafted XCF image. The vulnerability affects SDL2_image versions around 2.0.3 and was addressed in multiple vendor advisories, with Deb...

8.8CVSS8.6AI score0.03479EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.95 views

CVE-2017-14441

SDL2_image-2.0.2 contains an exploitable vulnerability in the ICO image rendering path: a crafted ICO can trigger an integer overflow that cascades to a heap overflow and code execution (CVE-2017-14441). Public advisories reference SDL2_image 2.0.4 as the fixed version and encourage upgrading (e....

8.8CVSS8.7AI score0.02677EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.92 views

CVE-2017-14448

CVE-2017-14448 affects SDL2_image-2.0.2: the XCF image rendering path can overflow the heap, enabling code execution when a specially crafted XCF image is displayed. Public advisories indicate upgrading to SDL2_image-2.0.4 (or newer) to fix this issue; other sources note related advisories upgrad...

8.8CVSS8.7AI score0.02395EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.92 views

CVE-2017-14450

CVE-2017-14450 affects SDL2_image-2.0.2, where the GIF image parsing functionality has a buffer overflow risk in the global section when processing a specially crafted GIF image displayed by a user. Public sources in connected docs confirm this vulnerability and its association with SDL2_image’s ...

7.1CVSS7.6AI score0.01583EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.91 views

CVE-2017-14440

SDL2_image-2.0.2 contains an exploitable vulnerability in ILBM image rendering that can trigger a stack overflow and lead to code execution when processing a crafted ILBM image. This vulnerability is corroborated across multiple sources (e.g., Debian DSA-4184-1, GLSA-201903-17, Mageia MGASA-2018-...

8.8CVSS8.7AI score0.02446EPSS
CVE
CVE
added 2017/10/11 6:0 p.m.90 views

CVE-2017-2887

CVE-2017-2887 affects SDL_image 2.0.1, with a stack-based buffer overflow in the XCF property handling. A specially crafted XCF file can overflow a stack buffer, potentially enabling code execution. The vulnerability is exploitable via crafted XCF input and does not specify a required user intera...

8.8CVSS8.7AI score0.02656EPSS
CVE
CVE
added 2018/04/10 9:0 p.m.90 views

CVE-2018-3838

The CVE-2018-3838 entry concerns SDL2_image-2.0.2: an exploitable vulnerability in the XCF image rendering path can trigger an out-of-bounds read on the heap, leading to information disclosure. Public reports (e.g., TALOS advisories and related Debian/Gentoo/Mageia notices) confirm this family of...

6.5CVSS6.7AI score0.01824EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.87 views

CVE-2017-14442

CVE-2017-14442 affects SDL2_image-2.0.2 BMP image rendering, causing a stack overflow that can lead to remote code execution when a specially crafted BMP image is processed. Public sources describe the vulnerability across multiple advisories (Debian DSA-4184-1, Mageia MGASA-2018-0454) and indica...

8.8CVSS8.7AI score0.02395EPSS
CVE
CVE
added 2018/04/24 7:0 p.m.87 views

CVE-2017-14449

SDL2_image-2.0.2 contains a double-free vulnerability in the XCF image rendering path. A specially crafted XCF image can trigger a double-free, potentially enabling arbitrary behavior on vulnerable systems. Affected: SDL2_image libraries (notably 2.0.2). Public advisories (e.g., Mageia GLSA-2018-...

8.8CVSS8.2AI score0.01677EPSS
CVE
CVE
added 2018/04/10 9:0 p.m.84 views

CVE-2018-3837

CVE-2018-3837 describes an information-disclosure flaw in the PCX image handling of SDL2_image-2.0.2. A specially crafted PCX image can trigger an out-of-bounds read on the heap, allowing partial disclosure when the image is processed. The vulnerability affects SDL2_image’s PCX rendering path and...

5.5CVSS6.2AI score0.01248EPSS
CVE
CVE
added 2026/04/06 9:44 p.m.77 views

CVE-2026-35444

The CVE-2026-35444 issue affects SDL_image’s XCF loader (src/IMG_xcf.c). In do_layer_surface(), pixel indices from decoded XCF tile data are used directly as colormap indices without validating against cm_num, enabling heap out-of-bounds reads (up to 762 bytes past the colormap allocation) for bo...

7.1CVSS5.9AI score0.00262EPSS