Search for packages
| purl | pkg:nuget/libpng@1.5.10.11 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1h1a-mpgm-w3hf
Aliases: CVE-2016-3751 |
Privilege Escalation Unspecified vulnerability in libpng, as used in Android , allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug |
Affected by 2 other vulnerabilities. |
|
VCID-8g2j-rqsk-zqfh
Aliases: CVE-2017-12652 |
Improper Input Validation libpng does not properly check the length of chunks against the user limit. | There are no reported fixed by versions. |
|
VCID-9d14-kqac-nbbt
Aliases: CVE-2015-8472 |
Improper Restriction of Operations within the Bounds of a Memory Buffer Buffer overflow in the png_set_PLTE function in libpng allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126. |
Affected by 4 other vulnerabilities. |
|
VCID-ajs9-y6dt-5fhj
Aliases: CVE-2015-8540 |
Out-of-bounds Read Integer underflow in the png_check_keyword function in pngwutil.c in libpng allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. |
Affected by 4 other vulnerabilities. |
|
VCID-cu24-1rcd-93g3
Aliases: CVE-2015-8126 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. |
Affected by 2 other vulnerabilities. |
|
VCID-h89j-mr17-rua9
Aliases: CVE-2013-7354 |
Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. |
Affected by 4 other vulnerabilities. |
|
VCID-una1-4acn-s3dy
Aliases: CVE-2013-7353 |
Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. |
Affected by 4 other vulnerabilities. |
|
VCID-zetn-zwnv-u7gf
Aliases: CVE-2016-10087 |
NULL Pointer Dereference The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||