Search CVE reports
1 – 10 of 62 results
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | Not in release | Not in release | — | — |
| libpng1.6 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Needs evaluation | Needs evaluation | — | — |
| chromium-browser | Not affected | Not affected | — | — |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | Not in release | Not in release | — | — |
| libpng1.6 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Needs evaluation | Needs evaluation | — | — |
| chromium-browser | Not affected | Not affected | — | — |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | Not in release | Not in release | — | — |
| libpng1.6 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Needs evaluation | Needs evaluation | — | — |
| chromium-browser | Not affected | Not affected | — | — |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | Not in release | Not in release | — | — |
| libpng1.6 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Needs evaluation | Needs evaluation | — | — |
| chromium-browser | Not affected | Not affected | — | — |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | Not in release | Not in release | — | — |
| libpng1.6 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Needs evaluation | Needs evaluation | — | — |
| chromium-browser | Not affected | Not affected | — | — |
Rejected reason: Maintainer contacted. This is a false-positive. The flaw does not actually exist and was erroneously tested.
5 affected packages
libpng, libpng1.6, thunderbird, firefox, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| firefox | Not affected | Not affected | Not in release | Ignored |
| chromium-browser | Not affected | Not affected | Not in release | Ignored |
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a...
5 affected packages
thunderbird, chromium-browser, firefox, libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | Not affected | Not in release | Not affected |
| chromium-browser | — | Not affected | Not in release | Not affected |
| firefox | — | Not affected | Not in release | Not affected |
| libpng | — | Not in release | Not in release | Not in release |
| libpng1.6 | — | Not affected | Not affected | Not affected |
gif2png 2.5.13 has a memory leak in the writefile function.
3 affected packages
libpng, libpng1.6, gif2png
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | Not in release | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |
| gif2png | Not in release | Not in release | Not in release | Needs evaluation |
Some fixes available 2 of 7
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
5 affected packages
chromium-browser, firefox, libpng, libpng1.6, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not in release | Not affected |
| firefox | Not affected | Not affected | Not in release | Not affected |
| libpng | Not in release | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Not affected | Not affected | Not in release | Not affected |
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
2 affected packages
libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | Not in release |
| libpng1.6 | — | — | — | Not affected |