VYPR

rpm package

suse/libpng16&distro=SUSE Linux Enterprise Module for Basesystem 15

pkg:rpm/suse/libpng16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015

Vulnerabilities (2)

  • CVE-2019-7317MedFeb 4, 2019
    affected < 1.6.34-3.9.1fixed 1.6.34-3.9.1

    png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

  • CVE-2018-13785MedJul 9, 2018
    affected < 1.6.34-3.9.1fixed 1.6.34-3.9.1

    In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.