L

Libpng Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Libpng products.

3 known CVE vulnerabilities tracked

Critical
0
High
0
Medium
3
Low
0
None
0

Vulnerabilities By Year

1
2018
2
2019

Products Affected

Libpng 3

All Libpng CVEs

Recent Highest Score Oldest
CVE-2019-7317
5.3 medium

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

Libpng Feb 4, 2019
CVE-2019-6129
6.5 medium

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.

Libpng Jan 11, 2019
CVE-2018-13785
6.5 medium

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

Libpng Jul 9, 2018