VulnerableCode Package Details - pkg:deb/debian/libpng1.6@1.6.10-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-h89j-mr17-rua9	Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.	CVE-2013-7354
VCID-nhbw-6tpy-pbh3	Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.	CVE-2014-0333
VCID-una1-4acn-s3dy	Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.	CVE-2013-7353

Vulnerability

Summary

Aliases

VCID-h89j-mr17-rua9

Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.

CVE-2013-7354

VCID-nhbw-6tpy-pbh3

Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.

CVE-2014-0333

VCID-una1-4acn-s3dy

Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.

CVE-2013-7353

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:25:41.554132+00:00	Debian Importer	Fixing	VCID-h89j-mr17-rua9	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:42:18.193322+00:00	Debian Importer	Fixing	VCID-una1-4acn-s3dy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:40:40.802303+00:00	Debian Importer	Fixing	VCID-nhbw-6tpy-pbh3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:50:40.863997+00:00	Debian Importer	Fixing	VCID-h89j-mr17-rua9	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:56:42.188799+00:00	Debian Importer	Fixing	VCID-nhbw-6tpy-pbh3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:51:00.033122+00:00	Debian Importer	Fixing	VCID-una1-4acn-s3dy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:29:14.814534+00:00	Debian Importer	Fixing	VCID-nhbw-6tpy-pbh3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:14.772955+00:00	Debian Importer	Fixing	VCID-h89j-mr17-rua9	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:14.728041+00:00	Debian Importer	Fixing	VCID-una1-4acn-s3dy	https://security-tracker.debian.org/tracker/data/json	38.1.0