alpine · CVE-2019-5058

Quick triage

Priority: high Published: Updated:

View at Official alpine advisory, NVD, CVE.org · CVE detail

Freshness: no update timestamp found; verify against the upstream OS advisory manually.

Tracker summary

CVE-2019-5058: 1 source package rows (sdl2_image); 1 state rows across 1 repos (3.10-main); fixed 1, open 0.

Description:

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

cvelogic Threat Intelligence