2 matches found
CLSA-2026-1774437406 Fix CVE(s): CVE-2026-30883
SECURITY UPDATE: heap over-write in PNG raw profile writer - debian/patches/CVE-2026-30883.patch: add overflow check for allocatedlength in Magickpngwriterawprofile to prevent integer overflow leading to heap over-write - CVE-2026-30883...
exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunkint.cpp may cause a denial of service application crash due to a heap-based buffer over-read via a crafted PNG file...