Search CVE reports
11 – 15 of 15 results
Some fixes available 41 of 44
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
8 affected packages
firefox, libpng, libpng1.6, openjdk-9, openjdk-12...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| libpng | Not in release | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Fixed |
| openjdk-9 | Not in release | Not in release | Not in release | Not in release |
| openjdk-12 | Not in release | Not in release | Not in release | Not in release |
| openjdk-8 | Not affected | Not affected | Not affected | Fixed |
| openjdk-lts | Not affected | Not affected | Not affected | Fixed |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.
2 affected packages
libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | Not in release |
| libpng1.6 | — | — | — | Ignored |
Some fixes available 2 of 7
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
2 affected packages
libpng1.6, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng1.6 | Not affected | Not affected | Not affected | Vulnerable |
| libpng | Not in release | Not in release | Not in release | Not in release |
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
2 affected packages
libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | Not in release |
| libpng1.6 | — | — | — | Fixed |
Some fixes available 2 of 5
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors...
5 affected packages
firefox, libpng, thunderbird, chromium-browser, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | Not affected |
| libpng | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Not affected |
| chromium-browser | Not affected | Not affected | Not in release | Not affected |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |