Vulnerabilities > CVE-2022-3857 - NULL Pointer Dereference vulnerability in Libpng 1.6.38

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
libpng
CWE-476

Summary

A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function.

Vulnerable Configurations

Part Description Count
Application
Libpng
1

Common Weakness Enumeration (CWE)