CVE search results

21 – 23 of 23 results

Detailed view

Sort by:

CVE-2018-14048

Low priority

Some fixes available 2 of 7

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

2 affected packages

libpng1.6, libpng

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libpng1.6	Not affected	Not affected	Not affected	Vulnerable
libpng	Not in release	Not in release	Not in release	Not in release

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

2 affected packages

libpng, libpng1.6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libpng	—	—	—	Not in release
libpng1.6	—	—	—	Fixed

CVE-2016-10087

Low priority

Some fixes available 2 of 5

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors...

5 affected packages

firefox, libpng, thunderbird, chromium-browser, libpng1.6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not in release	Not affected
libpng	Not in release	Not in release	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Not affected
chromium-browser	Not affected	Not affected	Not in release	Not affected
libpng1.6	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page:

Search CVE reports

CVE-2018-14048

CVE-2018-13785

CVE-2016-10087