rpm package
suse/libpng16&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1
pkg:rpm/suse/libpng16&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-7317 | Med | 5.3 | < 1.6.34-3.9.1 | 1.6.34-3.9.1 | Feb 4, 2019 | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | |
| CVE-2018-13785 | Med | 6.5 | < 1.6.34-3.9.1 | 1.6.34-3.9.1 | Jul 9, 2018 | In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. |
- affected < 1.6.34-3.9.1fixed 1.6.34-3.9.1
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
- affected < 1.6.34-3.9.1fixed 1.6.34-3.9.1
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.