CNNVD-202508-2952 Information

CNNVD ID

CNNVD-202508-2952

Related CVE

CVE-2025-46407

• CNNVD Published: 2025-08-25

Description (Chinese)

SAIL是SAIL开源的一款图像解码库。 SAIL 0.9.8版本存在安全漏洞，该漏洞源于BMPv3调色板解码功能存在整数溢出，可能导致远程代码执行。

Description (English)

SAIL is an image decoder of the SAIL open source. There is a security loophole in version 0.9.8 of SAIL, which stems from the integer spill of the BMPv3 palette decoder function, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

SAIL

Published

2025-08-25

Last Modified

2026-02-24

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2215 https://nvd.nist.gov/vuln/detail/CVE-2025-46407

Patch

https://sail.software/