{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T01:22:03.827","vulnerabilities":[{"cve":{"id":"CVE-2017-14442","sourceIdentifier":"talos-cna@cisco.com","published":"2018-04-24T19:29:01.720","lastModified":"2026-06-17T01:06:09.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad de renderización de imágenes BMP de SDL2_image-2.0.2. Una imagen BMP especialmente manipulada puede provocar un desbordamiento de búfer basado en pila que resulta en la ejecución de código. Un atacante puede mostrar una imagen especialmente manipulada para provocar esta vulnerabilidad."}],"affected":[{"source":"talos-cna@cisco.com","affectedData":[{"vendor":"Sam Lantinga and Mattias Engdegård","product":"Simple DirectMedia Layer","versions":[{"version":"SDL2_image 2.0.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libsdl:sdl_image:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"8ACCFE82-277E-4B12-8BD4-C7B8FBFB37BD"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00005.html","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201903-17","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4177","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4184","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0491","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00005.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201903-17","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4177","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4184","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0491","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}