ROSA LABROSA-SA-2021-1884Advisory ROSA-SA-2021-1884
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.12 Low
EPSS
Percentile
95.3%
Software: libpng 1.5.13
OS: Cobalt 7.9
CVE-ID: CVE-2013-7353
CVE-Crit: HIGH
CVE-DESC: Integer overflow in png_set_unknown_chunks function in libpng / pngset.c in libpng before 1.5.14beta08 allows context-sensitive attackers to cause a denial of service (segmentation error and crash) via a crafted image that triggers a heap-based buffer overflow.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-7353
CVE-Crit: HIGH
CVE-DESC: Integer overflow in png_set_unknown_chunks function in libpng / pngset.c in libpng before 1.5.14beta08 allows context-sensitive attackers to cause a denial of service (segmentation error and crash) via a crafted image that triggers a heap-based buffer overflow.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-7354
CVE-Crit: HIGH
CVE-DESC: Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (failure) via a created function image (1) png_set_sPLT or (2) png_set_text_2, which causes a heap-based buffer overflow .
CVE-STATUS: Default
CVE-REV: default
CVE-ID: CVE-2013-7354
CVE-Crit: HIGH
CVE-DESC: Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (failure) via a created function image (1) png_set_sPLT or (2) png_set_text_2, which causes a heap-based buffer overflow .
CVE-STATUS: Default
CVE-REV: default
CVE-ID: CVE-2014-9495
CVE-Crit: HIGH
CVE-DESC: Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16 when running on 64-bit systems could allow context-sensitive attackers to execute arbitrary code over a “very wide interlaced PNG image”.
CVE-STATUS: by default
CVE-REV: default
CVE-ID: CVE-2015-0973
CVE-Crit: CRITICAL
CVE-DESC: Buffer overflow in png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-sensitive attackers to execute arbitrary code through IDAT data with wide width, which is different from the CVE vulnerability. -2014-9495.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-8472
CVE-Crit: HIGH
CVE-DESC: Buffer overflow in png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25 and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application failure) or possibly have an unspecified other impact by using a small bit depth value in the IHDR block (aka image header) in a PNG image. NOTE: this vulnerability exists due to an incomplete patch for CVE-2015-8126.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-8540
CVE-Crit: HIGH
CVE-DESC: integer value of significance loss in png_check_keyword function in pngwutil.c in libpng from 0.90 to 0.99, 1.0.x to 1.0.66, 1.1.x and 1.2.x to 1.2.56, 1.3.x and 1.4.x to 1.4. 19 and 1.5.x before 1.5.26 allow remote attackers to have an undefined impact by using a space character as a keyword in a PNG image that triggers a read outside the valid range.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-8540
CVE-Crit: HIGH
CVE-DESC: integer value of significance loss in png_check_keyword function in pngwutil.c in libpng from 0.90 to 0.99, 1.0.x to 1.0.66, 1.1.x and 1.2.x to 1.2.56, 1.3.x and 1.4.x to 1.4. 19 and 1.5.x before 1.5.26 allow remote attackers to have an undefined impact by using a space character as a keyword in a PNG image that triggers a read outside the valid range.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-10087
CVE-Crit: HIGH
CVE-DESC: The png_set_text_2 function in libpng 0.71 to 1.0.67, 1.2.x to 1.2.57, 1.4.x to 1.4.20, 1.5.x to 1.5.28, and 1.6.x to 1.6.27 allows context: Dependent attackers invoke NULL pointer dereference vectors, including loading a piece of text into a png structure, deleting the text, and then adding another piece of text to the structure.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-3751
CVE-Crit: HIGH
CVE-DESC: An unspecified vulnerability in libpng before 1.6.20, exploited in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07- 01, allows attackers to gain privileges through a crafted application, as demonstrated by gaining access to Signature or SignatureOrSystem, also known as an internal bug 23265085.
CVE-STATUS: default
CVE-REV: default
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.12 Low
EPSS
Percentile
95.3%