13 results (0.008 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2

A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. Se ha encontrado un fallo de desbordamiento de la pila en el programa pngimage.c de libpngs. Este fallo permite a un atacante con acceso a la red local pasar un archivo PNG especialmente diseñado a la utilidad pngimage, causando un fallo en la aplicación, conllevando a una denegación de servicio. • https://access.redhat.com/security/cve/CVE-2021-4214 https://bugzilla.redhat.com/show_bug.cgi?id=2043393 https://github.com/glennrp/libpng/issues/302 https://security-tracker.debian.org/tracker/CVE-2021-4214 https://security.netapp.com/advisory/ntap-20221020-0001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0

libpng before 1.6.32 does not properly check the length of chunks against the user limit. En libpng anterior a versión 1.6.32, no comprueba apropiadamente la longitud de fragmentos en comparación con el límite del usuario. • http://www.securityfocus.com/bid/109269 https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE https://security.netapp.com/advisory/ntap-20220506-0003 https://support.f5.com/csp/article/K88124225 https://support.f5.com/csp/article/K88124225?utm_source=f5support&amp%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2017-12652 https://bugzilla.redhat.com/show_bug.cgi?id=1733956 • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 57EXPL: 1

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. La función png_image_free en el archivo png.c en libpng versiones 1.6.x anteriores a 1.6.37, presenta un uso de la memoria previamente liberada porque la función png_image_free_function es llamada bajo png_safe_execute. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html http://www.securityfocus.com/bid/108098 https:/ • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 2

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. Se ha encontrado un problema en libpng 1.6.34. Es un SEGV en la función png_free_data en png.c, relacionado con el manejo de errores recomendado para png_read_image. • http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://github.com/fouzhe/security/tree/master/libpng https://github.com/glennrp/libpng/issues/238 https://seclists.org/bugtraq/2019/Apr/30 https://security.gentoo.org/glsa/201908-02 •

CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. En libpng 1.6.34, un cálculo erróneo de row_factor en la función png_check_chunk_length (pngrutil.c) podría desencadenar un desbordamiento de enteros y una división entre cero resultante al procesar un archivo PNG manipulado, lo que conduciría a una denegación de servicio (DoS). • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105599 http://www.securitytracker.com/id/1041889 https://access.redhat.com/errata/RHSA-2018:3000 https://access.redhat.com/errata/RHSA-2018:3001 https://access.redhat.com/errata/RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3003 https://access.redhat.com/errata/RHSA-2018:3007 https://access.redhat.com/errata/RHSA-2018:3008 https://access.redhat.com/errata/ • CWE-190: Integer Overflow or Wraparound CWE-369: Divide By Zero •