CVE-2018-14048

Опубликовано: 13 июл. 2018

Источник: debian

Описание

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libpng1.6	fixed	1.6.37-1~exp1	experimental	package
libpng1.6	fixed	1.6.37-1		package
libpng	removed			package

Примечания

https://github.com/glennrp/libpng/issues/238
Issue in use of libpng in pnm2png not shipped in binary packages.

Связанные уязвимости

CVE-2018-14048

CVSS3: 6.5

ubuntu

больше 7 лет назад

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

CVE-2018-14048

CVSS3: 3.3

redhat

больше 7 лет назад

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

CVE-2018-14048

CVSS3: 6.5

nvd

больше 7 лет назад

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

GHSA-64xj-5wfx-5pjg

CVSS3: 6.5

github

больше 3 лет назад

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.