Lucene search

Libpng Security Vulnerabilities

cve

CVE-2018-14048

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

6.5CVSS

7.4AI Score

0.002EPSS

2018-07-13 04:29 PM

187

cve

CVE-2018-14550

An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.

8.8CVSS

8.7AI Score

0.004EPSS

2019-07-10 12:15 PM

115

cve

CVE-2019-6129

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.

6.5CVSS

5.7AI Score

0.001EPSS

2019-01-11 05:29 AM

cve

CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

5.3CVSS

6.3AI Score

0.005EPSS

2019-02-04 08:29 AM

487

cve

CVE-2021-4214

A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.

5.5CVSS

6.9AI Score

0.001EPSS

2022-08-24 04:15 PM

cve

CVE-2022-3857

A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function.

5.5CVSS

5.3AI Score

0.001EPSS

2023-03-06 11:15 PM

172

Total number of security vulnerabilities56