Vulnerabilities > Libpng > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-24 | CVE-2021-4214 | A heap overflow flaw was found in libpngs' pngimage.c program. | 5.5 |
2019-02-04 | CVE-2019-7317 | Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | 5.3 |
2019-01-11 | CVE-2019-6129 | Memory Leak vulnerability in Libpng 1.6.36 png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. | 6.5 |
2018-07-13 | CVE-2018-14048 | An issue has been found in libpng 1.6.34. | 6.5 |
2018-07-09 | CVE-2018-13785 | Integer Overflow or Wraparound vulnerability in multiple products In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. | 6.5 |
2011-07-17 | CVE-2011-2691 | NULL Pointer Dereference vulnerability in multiple products The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. | 6.5 |
2011-07-17 | CVE-2011-2501 | Out-of-bounds Read vulnerability in multiple products The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. | 6.5 |
2010-06-30 | CVE-2010-2249 | Memory Leak vulnerability in multiple products Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | 6.5 |