9 matches found
Updated libpng packages fix security vulnerabilities
LIBPNG has a use-after-free in pngsetPLTE, pngsettRNS and pngsethIST leading to corrupted chunk data and potential heap information disclosure. CVE-2026-34757 Chunk smuggling in push-mode APNG parser via unconsumed chunk body. CVE-2026-40930...
MGASA-2026-0205 Updated libpng packages fix security vulnerabilities
LIBPNG has a use-after-free in pngsetPLTE, pngsettRNS and pngsethIST leading to corrupted chunk data and potential heap information disclosure. CVE-2026-34757 Chunk smuggling in push-mode APNG parser via unconsumed chunk body. CVE-2026-40930...
CVE-2026-40930 LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body
LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...
CVE-2026-40930 LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body
LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...
CVE-2026-40930
CVE-2026-40930 concerns LIBPNG (v1.8.0) where three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC. This allows attacker-controlled bytes inside an ignored ancillary chunk to be reinterpreted as a fresh chunk heade...
CVE-2026-40930
LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...
PT-2026-42116
Name of the Vulnerable Software and Affected Versions libpng-apng affected versions not specified Description An issue exists in the push-mode APNG parser where chunk smuggling is possible via an unconsumed chunk body. This occurs within the third-party libpng-apng patch. Recommendations At the...
CLSA-2025-1756751597 squid: Fix of CVE-2023-46846
CVE-2023-46846: fix Request/Response chunk smuggling in HTTP/1.1 and ICAP...
CLSA-2025-1756751473 squid: Fix of CVE-2023-46846
CVE-2023-46846: fix Request/Response chunk smuggling in HTTP/1.1 and ICAP...