Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-7317HistoryFeb 04, 2019 - 8:29 a.m.
CVE-2019-7317
2019-02-0408:29:00
Debian Security Bug Tracker
security-tracker.debian.org
33
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.2%
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 67.0-2 | firefox_67.0-2_all.deb |
| Debian | 12 | all | firefox-esr | < 60.7.0esr-1 | firefox-esr_60.7.0esr-1_all.deb |
| Debian | 11 | all | firefox-esr | < 60.7.0esr-1 | firefox-esr_60.7.0esr-1_all.deb |
| Debian | 10 | all | firefox-esr | < 60.7.0esr-1 | firefox-esr_60.7.0esr-1_all.deb |
| Debian | 999 | all | firefox-esr | < 60.7.0esr-1 | firefox-esr_60.7.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 60.7.0esr-1 | firefox-esr_60.7.0esr-1_all.deb |
| Debian | 12 | all | libpng1.6 | < 1.6.36-4 | libpng1.6_1.6.36-4_all.deb |
| Debian | 11 | all | libpng1.6 | < 1.6.36-4 | libpng1.6_1.6.36-4_all.deb |
| Debian | 10 | all | libpng1.6 | < 1.6.36-4 | libpng1.6_1.6.36-4_all.deb |
| Debian | 999 | all | libpng1.6 | < 1.6.36-4 | libpng1.6_1.6.36-4_all.deb |
Related
prion
prion
Design/Logic Flaw
2019-02-04 08:29:00
veracode
veracode
Denial Of Service (DoS)
2019-04-29 11:37:35
cloudfoundry
cloudfoundry
USN-3962-1: libpng vulnerability | Cloud Foundry
2019-05-01 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2019-1787)
2020-01-23 00:00:00
Fedora Update for libpng FEDORA-2019-335c3ad86a
2019-05-07 00:00:00
Ubuntu Update for libpng1.6 USN-3962-1
2019-05-01 00:00:00
f5
f5
K000132245 : libpng vulnerability CVE-2019-7317
2023-01-26 00:00:00
osv
osv
libpng1.6 - security update
2019-04-27 00:00:00
CVE-2019-7317
2019-02-04 08:29:00
firefox-esr - security update
2019-05-23 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : libpng (EulerOS-SA-2019-1787)
2019-07-25 00:00:00
Debian DSA-4435-1 : libpng1.6 - security update
2019-04-29 00:00:00
Fedora 29 : 2:libpng (2019-335c3ad86a)
2019-02-12 00:00:00
ubuntucve
ubuntucve
CVE-2019-7317
2019-02-04 00:00:00
debian
debian
[SECURITY] [DSA 4435-1] libpng1.6 security update
2019-04-27 07:45:35
[SECURITY] [DSA 4435-1] libpng1.6 security update
2019-04-27 07:45:35
[SECURITY] [DLA 1800-1] firefox-esr security update
2019-05-23 09:40:35
redhatcve
redhatcve
CVE-2019-7317
2020-03-30 01:52:36
mageia
mageia
Updated libpng packages fix security vulnerability
2019-04-05 21:12:59
Updated firefox packages fix security vulnerabilities
2019-06-10 22:17:03
Updated thunderbird packages fix security vulnerabilities
2019-06-10 22:17:03
archlinux
archlinux
[ASA-201904-10] libpng: denial of service
2019-04-24 00:00:00
[ASA-201905-8] thunderbird: multiple issues
2019-05-23 00:00:00
alpinelinux
alpinelinux
CVE-2019-7317
2019-02-04 08:29:00
cve
cve
CVE-2019-7317
2019-02-04 08:29:00
fedora
fedora
[SECURITY] Fedora 29 Update: libpng-1.6.34-7.fc29
2019-02-12 02:58:45
ubuntu
ubuntu
libpng vulnerability
2019-04-30 00:00:00
OpenJDK 11 vulnerabilities
2019-07-31 00:00:00
OpenJDK 8 vulnerabilities
2019-07-31 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2328
2024-01-23 12:26:31
suse
suse
Security update for libpng16 (low)
2019-06-07 00:00:00
Security update for java-1_8_0-openjdk (important)
2019-08-15 00:00:00
Security update for java-11-openjdk (important)
2019-08-15 00:00:00
ibm
ibm
gentoo
gentoo
libpng: Multiple vulnerabilities
2019-08-03 00:00:00
slackware
slackware
[slackware-security] libpng
2019-04-17 21:20:24
redhat
redhat
(RHSA-2019:2495) Important: java-1.7.1-ibm security update
2019-08-15 08:51:41
(RHSA-2019:2494) Important: java-1.7.1-ibm security update
2019-08-15 08:51:37
(RHSA-2019:2590) Important: java-1.8.0-ibm security update
2019-09-02 07:32:56
amazon
amazon
Medium: java-11-amazon-corretto
2019-07-18 17:37:00
Critical: thunderbird
2019-06-11 23:24:00
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2019-10-09 13:12:20
kaspersky
kaspersky
KLA11520 Multiple vulnerabilities in Oracle Java
2019-07-16 00:00:00
KLA11488 Multiple vulnerabilities in Mozilla Thunderbird
2019-05-21 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0160
2019-05-23 00:00:00
Critical Photon OS Security Update - PHSA-2019-0014
2019-05-11 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0014
2019-05-11 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2019-07-30 00:00:00
thunderbird security update
2019-06-03 00:00:00
thunderbird security update
2019-06-03 00:00:00
centos
centos
thunderbird security update
2019-06-10 22:49:17
thunderbird security update
2019-06-10 22:30:16
firefox security update
2019-05-29 19:47:30
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.2%
Related for DEBIANCVE:CVE-2019-7317