
CVSS: 5.5 • EPSS: 0% • CPEs: 4 • EXPL: 2

24 Aug 2022 — A heap overflow flaw was found in libpng's pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. • https://access.redhat.com/security/cve/CVE-2021-4214 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-787: Out-of-bounds Write

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

10 Jul 2019 — libpng before 1.6.32 does not properly check the length of chunks against the user limit. It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute a... • http://www.securityfocus.com/bid/109269 • CWE-20: Improper Input Validation

CVSS: 8.8 • EPSS: 2% • CPEs: 5 • EXPL: 2

18 Apr 2019 — An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png. Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. • https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token • CWE-787: Out-of-bounds Write

CVSS: 5.3 • EPSS: 0% • CPEs: 57 • EXPL: 1

04 Feb 2019 — png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html • CWE-400: Uncontrolled Resource Consumption • CWE-416: Use After Free

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

11 Jan 2019 — png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer." ** DISPUTED ** • https://github.com/glennrp/libpng/issues/269 • CWE-401: Missing Release of Memory after Effective Lifetime

CVSS: 6.5 • EPSS: 0% • CPEs: 9 • EXPL: 2

13 Jul 2018 — An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. It was discovered that libpng incorrectly handled memory when parsing certain PNG files. • http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html

CVSS: 6.5 • EPSS: 2% • CPEs: 19 • EXPL: 0

09 Jul 2018 — In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-190: Integer Overflow or Wraparound • CWE-369: Divide By Zero

CVSS: 7.5 • EPSS: 2% • CPEs: 252 • EXPL: 0

31 Dec 2016 — The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference via vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure. • http://www.openwall.com/lists/oss-security/2016/12/29/2 • CWE-476: NULL Pointer Dereference

CVSS: 7.8 • EPSS: 0% • CPEs: 23 • EXPL: 0

11 Jul 2016 — Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085. • http://source.android.com/security/bulletin/2016-07-01.html

CVSS: 9.3 • EPSS: 17% • CPEs: 198 • EXPL: 0

18 Dec 2015 — Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html • CWE-125: Out-of-bounds Read • CWE-189: Numeric Errors