Search for packages
| purl | pkg:nuget/libpng@1.5.10 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 0.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-axvf-w4r8-xkhv
Aliases: CVE-2011-3048 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_set_text_2 function in pngset.c in libpng allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. |
Affected by 4 other vulnerabilities. |
|
VCID-hfvd-x3vm-fyfz
Aliases: CVE-2012-3425 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_push_read_zTXt function in pngpread.c in libpng allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. |
Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:46:47.188099+00:00 | GitLab Importer | Affected by | VCID-hfvd-x3vm-fyfz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2012-3425.yml | 38.0.0 |
| 2026-04-01T12:46:46.893217+00:00 | GitLab Importer | Affected by | VCID-axvf-w4r8-xkhv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2011-3048.yml | 38.0.0 |