Memory Corruption in SAIL Image Decoding Library Affects Various Applications
CVE-2025-50129

8.8HIGH

Key Information:

Vendor: Sail Image Decoding Library
Status: Sail Image Decoding Library
Vendor: CVE Published:; 25 August 2025

🔔 Create Sail Image Decoding Library Vulnerability Alert

What is CVE-2025-50129?

A memory corruption vulnerability is present in the image decoding functionality of the SAIL Image Decoding Library version 0.9.8. It arises when the library decodes specially crafted .tga files, leading to potential heap-based buffer overflow scenarios. Exploitation of this flaw could allow an attacker to execute arbitrary code remotely by tricking the library into processing malicious image data.

Affected Version(s)

SAIL Image Decoding Library v0.9.8

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2025
Vulnerability Reserved
Jul 10, 2025

Credit

Discovered by a member of Cisco Talos.