rpm package
opensuse/SDL2_image&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/SDL2_image&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-35444 | Hig | 7.1 | < 2.8.10-1.1 | 2.8.10-1.1 | Apr 6, 2026 | SDL_image is a library to load images of various formats as SDL surfaces. In do_layer_surface() in src/IMG_xcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size (cm_num). A crafted .xcf file wi |
- affected < 2.8.10-1.1fixed 2.8.10-1.1
SDL_image is a library to load images of various formats as SDL surfaces. In do_layer_surface() in src/IMG_xcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size (cm_num). A crafted .xcf file wi