{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-52456", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2025-07-17T07:10:35.028Z", "datePublished": "2025-08-25T14:17:35.230Z", "dateUpdated": "2025-11-03T18:13:04.538Z"}, "containers": {"cna": {"affected": [{"vendor": "SAIL Image Decoding Library", "product": "SAIL Image Decoding Library", "versions": [{"version": "v0.9.8", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-680: Integer Overflow to Buffer Overflow", "type": "CWE", "cweId": "CWE-680"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2025-08-25T14:17:35.230Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2224", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2224"}], "credits": [{"lang": "en", "value": "Discovered by a member of Cisco Talos."}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-25T19:03:02.553973Z", "id": "CVE-2025-52456", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-25T19:03:08.616Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2224"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T18:13:04.538Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-52456", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-25T19:03:02.553973Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-25T18:19:40.495Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by a member of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "SAIL Image Decoding Library", "product": "SAIL Image Decoding Library", "versions": [{"status": "affected", "version": "v0.9.8"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2224", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2224"}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-680", "description": "CWE-680: Integer Overflow to Buffer Overflow"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2025-08-25T14:17:35.230Z"}}}, "cveMetadata": {"cveId": "CVE-2025-52456", "state": "PUBLISHED", "dateUpdated": "2025-08-25T19:03:08.616Z", "dateReserved": "2025-07-17T07:10:35.028Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2025-08-25T14:17:35.230Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sail:sail:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "BDFCF91A-2A3D-45C6-A8C3-DD90A646BDAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de corrupci\u00f3n de memoria en la funci\u00f3n WebP Image Decoding de SAIL Image Decoding Library v0.9.8. Al cargar una animaci\u00f3n .webp especialmente manipulada, se puede producir un desbordamiento de enteros al calcular el paso de decodificaci\u00f3n. Esto provoca un desbordamiento del b\u00fafer del mont\u00f3n al decodificar la imagen, lo que puede provocar la ejecuci\u00f3n remota de c\u00f3digo. Un atacante deber\u00e1 convencer a la librer\u00eda para que lea un archivo para activar esta vulnerabilidad."}], "id": "CVE-2025-52456", "lastModified": "2025-11-03T19:16:07.243", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}]}, "published": "2025-08-25T15:15:40.410", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2224"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2224"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-680"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}

{}