Vulnerabilities > Libpng
|2020-12-08||CVE-2020-27818|| Out-Of-Bounds Read vulnerability in multiple products |
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0.
| 4.3 |
|2019-07-10||CVE-2017-12652|| Improper Input Validation vulnerability in Libpng |
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
| 7.5 |
|2019-07-10||CVE-2018-14550|| Out-Of-Bounds Write vulnerability in Libpng 1.6.35 |
An issue has been found in third-party PNM decoding associated with libpng 1.6.35.
| 6.8 |
|2019-02-04||CVE-2019-7317|| USE After Free vulnerability in multiple products |
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
| 2.6 |
|2019-01-11||CVE-2019-6129|| Memory Leak vulnerability in Libpng 1.6.36 |
** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp.
| 4.3 |
|2018-07-13||CVE-2018-14048||An issue has been found in libpng 1.6.34.|| 4.3 |
|2018-07-09||CVE-2018-13785|| Divide BY Zero vulnerability in multiple products |
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
| 4.3 |
|2017-01-30||CVE-2016-10087|| Null Pointer Dereference vulnerability in Libpng |
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
| 5.0 |
|2016-07-11||CVE-2016-3751|| Remote Privilege Escalation vulnerability in Libpng |
Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085.
| 7.5 |
|2016-04-14||CVE-2015-8540|| Numeric Errors vulnerability in multiple products |
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
| 9.3 |