0.6.3

DATE	CVE	VULNERABILITY TITLE	RISK
2016-04-20	CVE-2015-7801	Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file. network low complexity optipng-project canonical	8.8
2016-04-13	CVE-2016-3982	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow. network low complexity opensuse debian optipng-project canonical CWE-119	8.8
2016-04-13	CVE-2016-3981	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file. local low complexity optipng-project canonical debian CWE-119	7.8