Описание
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | uses system libpng |
| bionic | not-affected | uses system libpng |
| cosmic | not-affected | uses system libpng |
| devel | not-affected | uses system libpng |
| disco | not-affected | uses system libpng |
| eoan | not-affected | uses system libpng |
| esm-apps/noble | not-affected | uses system libpng |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [uses system libpng]] |
| esm-infra/focal | DNE | focal was not-affected [uses system libpng] |
| focal | not-affected | uses system libpng |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| eoan | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| esm-infra/focal | DNE | |
| focal | not-affected | |
| groovy | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | released | 1.2.50-1ubuntu2.14.04.3 |
| esm-infra/focal | DNE | |
| esm-infra/xenial | released | 1.2.54-1ubuntu1.1 |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.6.27-1 |
| bionic | not-affected | 1.6.27-1 |
| cosmic | not-affected | 1.6.27-1 |
| devel | not-affected | 1.6.27-1 |
| disco | not-affected | 1.6.27-1 |
| eoan | not-affected | 1.6.27-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 1.6.27-1 |
| esm-infra/focal | not-affected | 1.6.27-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| eoan | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| esm-infra/focal | DNE | |
| focal | not-affected | |
| groovy | not-affected |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before ...
EPSS
5 Medium
CVSS2
7.5 High
CVSS3