Lucene search
K
LibsdlSdl2 Image

12 matches found

CVE
CVE
added 2019/07/03 6:43 p.m.340 views

CVE-2019-5052

CVE-2019-5052 affects SDL2_image 2.0.4, where loading a PCX file can trigger an exploitable integer overflow, causing too little memory to be allocated and leading to a buffer overflow with potential code execution. The vulnerability is referenced in multiple advisories (e.g., Mageia MGASA-2019-0...

8.8CVSS8.7AI score0.04515EPSS
CVE
CVE
added 2019/07/03 6:43 p.m.292 views

CVE-2019-5051

SDL2_image 2.0.4 is affected by CVE-2019-5051: an exploitable heap-based buffer overflow when loading a PCX file due to a missing error handler, potentially leading to code execution. Public records in OpenSUSE/Mageia advisories indicate the fix is released in SDL2_image 2.0.5; other connected en...

8.8CVSS8.7AI score0.04043EPSS
CVE
CVE
added 2019/05/20 4:32 p.m.190 views

CVE-2019-12217

CVE-2019-12217 is a NULL pointer dereference in the SDL stdio_read function when SDL2_image 2.0.4 is used with SDL 2.0.9 (libSDL2.a). Multiple connected advisories confirm this issue across distributions (openSUSE openSUSE-2019-2070, Fedora SDL2_image updates, Ubuntu USN-4238-1, Mageia advisories...

6.5CVSS7.1AI score0.02269EPSS
CVE
CVE
added 2019/07/31 4:48 p.m.184 views

CVE-2019-5057

SDL2_image 2.0.4 contains a PCX image parsing vulnerability (CVE-2019-5057) that can cause a heap overflow and code execution. Multiple advisories (openSUSE/Mageia) document this as a user-exploitable flaw when loading PCX files. mitigations include upgrading to SDL2_image 2.0.5 or applying vendo...

8.8CVSS8.6AI score0.03616EPSS
CVE
CVE
added 2019/05/20 4:33 p.m.181 views

CVE-2019-12221

The CVE-2019-12221 entry corresponds to a NULL/SEGV issue in SDL_free_REAL inside SDL with SDL2_image 2.0.4 (SDL 2.0.9) when used together, as described in the initial document. Connected documents confirm this vulnerability is addressed by SDL2_image updates to 2.0.5 (and corresponding SDL relea...

6.5CVSS7.1AI score0.01969EPSS
CVE
CVE
added 2019/05/20 4:33 p.m.178 views

CVE-2019-12218

CVE-2019-12218 concerns a NULL pointer dereference in the SDL2_image component (IMG_LoadPCX_RW in IMG_pcx.c) when SDL2_image 2.0.4 is used with SDL 2.0.9 libSDL2.a. Documented in multiple advisories and openSUSE/Fedora/Mageia entries; impact is a crash/denial of service potential rather than expl...

6.5CVSS7.1AI score0.01957EPSS
CVE
CVE
added 2019/07/31 4:50 p.m.176 views

CVE-2019-5059

CVE-2019-5059 describes an exploitable code execution in SDL2_image 2.0.4 via XPM image rendering caused by an integer overflow that allocates too small a heap buffer and allows out-of-bounds writes. Connected advisories (Mageia/OpenSUSE OSV) document that SDL2_image 2.0.4 is the affected version...

8.8CVSS8.7AI score0.03616EPSS
CVE
CVE
added 2019/07/31 4:49 p.m.174 views

CVE-2019-5058

CVE-2019-5058 affects SDL2_image 2.0.4, where the XCF image rendering functionality can trigger a heap overflow via a crafted XCF image, potentially enabling code execution. Public documents in OSS advisories (MGASA-2019-0363/0364 and OSV entries) link this CVE to SDL2_image and describe the vuln...

8.8CVSS8.6AI score0.03616EPSS
CVE
CVE
added 2019/07/31 4:51 p.m.165 views

CVE-2019-5060

SDL2_image 2.0.4 contains multiple vulnerabilities, including CVE-2019-5060, where an XPM image can trigger an integer overflow in colorhash, causing a heap overflow and potential code execution. The issue is part of a set of fixes for SDL2_image and related image loaders (PCX, XCF, XPM) addresse...

8.8CVSS8.9AI score0.04043EPSS
CVE
CVE
added 2019/05/20 4:33 p.m.159 views

CVE-2019-12220

CVE-2019-12220 affects libSDL2.a in SDL 2.0.9 when used with SDL2_image 2.0.4. There is an out-of-bounds read in SDL_FreePalette_REAL (video/SDL_pixels.c). Documented impact is an out-of-bounds read; CVSS data from NVD shows a MEDIUM base severity (6.5 CVSS3) with HIGH availability impact, but ex...

6.5CVSS7.1AI score0.0187EPSS
CVE
CVE
added 2019/05/20 4:33 p.m.112 views

CVE-2019-12219

CVE-2019-12219 concerns an invalid free error in SDL_SetError_REAL in the SDL_error.c path when libSDL2.a SDL 2.0.9 is used with SDL2_image 2.0.4. Multiple vendor advisories (e.g., Fedora/Mageia/Debian) reference SDL2_image updates (e.g., to 2.0.5 and beyond) as remediation, indicating the issue ...

8.8CVSS7.2AI score0.02001EPSS
CVE
CVE
added 2019/05/20 4:32 p.m.91 views

CVE-2019-12216

CVE-2019-12216 affects the SDL ecosystem when using libSDL2.a (SDL 2.0.9) with libSDL2_image.a (SDL2_image 2.0.4). The issue is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW (at IMG_pcx.c). The connected documents list this CVE among SDL_image-related advisories, but do n...

6.5CVSS7.4AI score0.0221EPSS