Vulnerabilities > Libpng > Libpng > 1.4.22
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-10 | CVE-2017-12652 | Improper Input Validation vulnerability in multiple products libpng before 1.6.32 does not properly check the length of chunks against the user limit. | 9.8 |
| 2016-07-11 | CVE-2016-3751 | Remote Privilege Escalation vulnerability in Libpng Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085. | 7.5 |
| 2015-01-18 | CVE-2015-0973 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495. | 7.5 |
| 2015-01-10 | CVE-2014-9495 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image. | 10.0 |
| 2014-05-06 | CVE-2013-7354 | Numeric Errors vulnerability in Libpng Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | 5.0 |
| 2014-05-06 | CVE-2013-7353 | Numeric Errors vulnerability in Libpng Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | 5.0 |
| 2014-01-12 | CVE-2013-6954 | Denial of Service vulnerability in libpng 'png_read_transform_info()' Function NULL Pointer Dereference The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c. | 5.0 |