VYPR

Sdl Image

by Sdl

Source repositories

CVEs (21)

  • CVE-2017-14448HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-14442HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-14441HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.03

    An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted…

  • CVE-2017-14440HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this…

  • CVE-2017-12122HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-2887HigOct 11, 2017
    risk 0.57cvss 8.8epss 0.03

    An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to…

  • CVE-2017-14449HigApr 24, 2018
    risk 0.49cvss 7.5epss 0.02

    A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2017-14450HigApr 24, 2018
    risk 0.46cvss 7.1epss 0.02

    A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.

  • CVE-2018-3838MedApr 10, 2018
    risk 0.42cvss 6.5epss 0.02

    An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a…

  • CVE-2026-35444HigApr 6, 2026
    risk 0.39cvss 7.1epss 0.00

    SDL_image is a library to load images of various formats as SDL surfaces. In do_layer_surface() in src/IMG_xcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size (cm_num). A crafted .xcf file…

  • CVE-2007-6697Feb 1, 2008
    risk 0.04cvss epss 0.11

    Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details…

  • CVE-2008-0544Feb 1, 2008
    risk 0.01cvss epss 0.08

    Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained…

  • CVE-2019-19721May 15, 2020
    risk 0.00cvss epss 0.02

    An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product.

  • CVE-2019-5060Jul 31, 2019
    risk 0.00cvss epss 0.04

    An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds,…

  • CVE-2019-5058Jul 31, 2019
    risk 0.00cvss epss 0.04

    An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

  • CVE-2019-5052Jul 3, 2019
    risk 0.00cvss epss 0.05

    An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker…

  • CVE-2019-12221May 20, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.

  • CVE-2019-12219May 20, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.

  • CVE-2019-12218May 20, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.

  • CVE-2019-12217May 20, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.

Page 1 of 2