2 matches found
RSEC-2026-1 Risk of Buffer Overflow Vulnerability when installed from source on Windows R < 4.2
Installing the png package from source on Windows could download and install an older version of libpng that has known vulnerabilities. On Windows R versions 4.2, building the png package will download an archived libpng 1.5.4 from 2011. Note that on R versions 4.2 or newer, libpng is bundled in...
Malicious code in tiny-png (npm)
The package tiny-png was found to contain malicious code...