Vulnerabilities > Libpng > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-23 CVE-2020-35511 A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file.
local
low complexity
libpng debian
7.8
2019-07-10 CVE-2018-14550 Out-of-bounds Write vulnerability in multiple products
An issue has been found in third-party PNM decoding associated with libpng 1.6.35.
network
low complexity
libpng oracle netapp CWE-787
8.8
2017-01-30 CVE-2016-10087 NULL Pointer Dereference vulnerability in Libpng
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
network
low complexity
libpng CWE-476
7.5
2016-07-11 CVE-2016-3751 Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085.
local
low complexity
libpng google
7.8
2016-04-14 CVE-2015-8540 Numeric Errors vulnerability in multiple products
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
network
low complexity
redhat libpng fedoraproject debian CWE-189
8.8
2016-01-21 CVE-2015-8472 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
network
low complexity
apple libpng CWE-119
7.3
2011-07-17 CVE-2011-2692 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
network
low complexity
libpng fedoraproject debian canonical CWE-119
8.8
2011-07-17 CVE-2011-2690 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
network
low complexity
libpng fedoraproject debian canonical CWE-120
8.8