VYPR

rpm package

opensuse/optipng&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/optipng&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2023-43907Oct 1, 2023
    affected < 0.7.8-1.1fixed 0.7.8-1.1

    OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.

  • CVE-2017-16938HigNov 24, 2017
    affected < 0.7.7-2.3fixed 0.7.7-2.3

    A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file.

  • CVE-2017-1000229HigNov 17, 2017
    affected < 0.7.7-2.3fixed 0.7.7-2.3

    Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.

  • CVE-2016-2191MedApr 13, 2016
    affected < 0.7.6-1.4fixed 0.7.6-1.4

    The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

  • CVE-2008-5101Nov 17, 2008
    affected < 0.7.7-2.3fixed 0.7.7-2.3

    Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow."