CVE-2018-18581

LuPng (miniz/lupng.c) contains a heap-based buffer over-read in internalPrintf, present in LuPng up to 2017-03-10. Multiple sources (CNVD-2019-09762, NVD CVE-2018-18581 listings, CVE records, and CVELIST) describe a heap over-read in internalPrintf of LuPng’s miniz/lupng.c, with potential for arb...