Search CVE reports
11 – 20 of 64 results
Some fixes available 2 of 7
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
5 affected packages
chromium-browser, firefox, libpng, libpng1.6, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not in release | Not affected |
| firefox | Not affected | Not affected | Not in release | Not affected |
| libpng | Not in release | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Not affected | Not affected | Not in release | Not affected |
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
2 affected packages
libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | Not in release |
| libpng1.6 | — | — | — | Not affected |
Some fixes available 41 of 44
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
8 affected packages
firefox, libpng, libpng1.6, openjdk-9, openjdk-12...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| libpng | Not in release | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Fixed |
| openjdk-9 | Not in release | Not in release | Not in release | Not in release |
| openjdk-12 | Not in release | Not in release | Not in release | Not in release |
| openjdk-8 | Not affected | Not affected | Not affected | Fixed |
| openjdk-lts | Not affected | Not affected | Not affected | Fixed |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.
2 affected packages
libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | Not in release |
| libpng1.6 | — | — | — | Ignored |
Some fixes available 2 of 7
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
2 affected packages
libpng1.6, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng1.6 | Not affected | Not affected | Not affected | Vulnerable |
| libpng | Not in release | Not in release | Not in release | Not in release |
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
2 affected packages
libpng, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | Not in release |
| libpng1.6 | — | — | — | Fixed |
Some fixes available 2 of 5
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors...
5 affected packages
firefox, libpng, thunderbird, chromium-browser, libpng1.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | Not affected |
| libpng | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Not affected |
| chromium-browser | Not affected | Not affected | Not in release | Not affected |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to...
4 affected packages
chromium-browser, firefox, libpng, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| thunderbird | — | — | — | — |
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service...
7 affected packages
chromium-browser, firefox, libpng, openjdk-6, openjdk-7...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| openjdk-6 | — | — | — | — |
| openjdk-7 | — | — | — | — |
| openjdk-8 | — | — | — | — |
| thunderbird | — | — | — | — |
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote...
7 affected packages
firefox, thunderbird, chromium-browser, libpng, openjdk-6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| thunderbird | — | — | — | — |
| chromium-browser | — | — | — | — |
| libpng | — | — | — | — |
| openjdk-6 | — | — | — | — |
| openjdk-7 | — | — | — | — |
| openjdk-8 | — | — | — | — |