Unrated severityNVD Advisory· Published Feb 27, 2014· Updated Jun 17, 2026
CVE-2014-0333
CVE-2014-0333
Description
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.8:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.6.9:beta:*:*:*:*:*:*
- (no CPE)range: >=1.6.0, <=1.6.9
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.