A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 02 Sep 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sail
Sail sail |
|
CPEs | cpe:2.3:a:sail:sail:0.9.8:*:*:*:*:*:*:* | |
Vendors & Products |
Sail
Sail sail |
Mon, 25 Aug 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sail Software
Sail Software sail Image Decoding Library |
|
Vendors & Products |
Sail Software
Sail Software sail Image Decoding Library |
Mon, 25 Aug 2025 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 25 Aug 2025 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability. | |
Weaknesses | CWE-680 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: talos
Published:
Updated: 2025-08-25T18:16:53.780Z
Reserved: 2025-07-10T15:22:59.572Z
Link: CVE-2025-53510

Updated: 2025-08-25T18:16:46.063Z

Status : Analyzed
Published: 2025-08-25T15:15:41.010
Modified: 2025-09-02T17:13:26.437
Link: CVE-2025-53510

No data.

Updated: 2025-08-25T22:08:13Z