Sail
Monthly
Heap buffer overflow in SAIL image library's TGA decoder allows remote code execution via malformed RLE-compressed TGA files against all versions prior to commit 45d48d1. Network-accessible applications processing untrusted TGA images can be fully compromised without authentication or user interaction (CVSS 9.8). The raw-packet RLE decompression path permits writing up to 496 bytes of attacker-controlled data beyond allocated heap bounds. Vendor patch confirmed via GitHub commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. No CISA KEV listing or public POC identified at time of analysis, but the straightforward exploitation conditions (parsing untrusted files) and complete technical disclosure create high weaponization risk.
Heap buffer overflow in SAIL PSD codec allows remote code execution when processing malicious LAB-mode PSD files. Affects all SAIL versions prior to commit c930284 (HappySeaFox/sail). Attackers can achieve arbitrary code execution (CVSS 9.8: AV:N/AC:L/PR:N/UI:N) by triggering a mismatch between computed bytes-per-pixel (6 bytes for 3-channel 16-bit LAB) and allocated buffer size (5 bytes for BPP40_CIE_LAB format). Every pixel write deterministically overflows the heap buffer. EPSS data not available. Not listed in CISA KEV. Patch available via GitHub commit c930284445ea3ff94451ccd7a57c999eca3bc979.
Out-of-bounds memory access in SAIL image library's XWD codec allows remote attackers to achieve arbitrary code execution via malformed image files. The vulnerability stems from a pixel format mismatch where buffer allocation uses pixmap_depth=8 (1 byte/pixel) but byte-swap operations use bits_per_pixel=32 (4 bytes/pixel), causing 4x buffer overrun. CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) indicates trivial exploitation requiring only delivery of a crafted XWD file. EPSS data unavailable; no KEV listing indicates targeted rather than widespread exploitation. Fix available in commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02.
The SAIL image library contains a heap buffer overflow in its XWD file parser that fails to validate the bytes_per_line value read from untrusted files, allowing attackers to trigger out-of-bounds memory writes during image processing. Public exploit code exists for this vulnerability affecting all versions of SAIL. No patch is currently available, leaving users of this cross-platform image loading library exposed to potential code execution or denial of service attacks.
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Heap buffer overflow in SAIL image library's TGA decoder allows remote code execution via malformed RLE-compressed TGA files against all versions prior to commit 45d48d1. Network-accessible applications processing untrusted TGA images can be fully compromised without authentication or user interaction (CVSS 9.8). The raw-packet RLE decompression path permits writing up to 496 bytes of attacker-controlled data beyond allocated heap bounds. Vendor patch confirmed via GitHub commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. No CISA KEV listing or public POC identified at time of analysis, but the straightforward exploitation conditions (parsing untrusted files) and complete technical disclosure create high weaponization risk.
Heap buffer overflow in SAIL PSD codec allows remote code execution when processing malicious LAB-mode PSD files. Affects all SAIL versions prior to commit c930284 (HappySeaFox/sail). Attackers can achieve arbitrary code execution (CVSS 9.8: AV:N/AC:L/PR:N/UI:N) by triggering a mismatch between computed bytes-per-pixel (6 bytes for 3-channel 16-bit LAB) and allocated buffer size (5 bytes for BPP40_CIE_LAB format). Every pixel write deterministically overflows the heap buffer. EPSS data not available. Not listed in CISA KEV. Patch available via GitHub commit c930284445ea3ff94451ccd7a57c999eca3bc979.
Out-of-bounds memory access in SAIL image library's XWD codec allows remote attackers to achieve arbitrary code execution via malformed image files. The vulnerability stems from a pixel format mismatch where buffer allocation uses pixmap_depth=8 (1 byte/pixel) but byte-swap operations use bits_per_pixel=32 (4 bytes/pixel), causing 4x buffer overrun. CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) indicates trivial exploitation requiring only delivery of a crafted XWD file. EPSS data unavailable; no KEV listing indicates targeted rather than widespread exploitation. Fix available in commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02.
The SAIL image library contains a heap buffer overflow in its XWD file parser that fails to validate the bytes_per_line value read from untrusted files, allowing attackers to trigger out-of-bounds memory writes during image processing. Public exploit code exists for this vulnerability affecting all versions of SAIL. No patch is currently available, leaving users of this cross-platform image loading library exposed to potential code execution or denial of service attacks.
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.