CVE-2021-4214

2022-08-2400:00:00

CWE-120

redhat

www.cve.org

cve-2021-4214

libpngs

pngimage.c

heap overflow

denial of service

local network access

specially crafted png file

application crash

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

19.9%

JSON

A heap overflow flaw was found in libpngs’ pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "libpng",
    "versions": [
      {
        "version": "libpng v1.6",
        "status": "affected"
      }
    ]
  }
]