VulnerableCode Package Details - pkg:nuget/libpng@1.6.19.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-8g2j-rqsk-zqfh Aliases: CVE-2017-12652	Improper Input Validation libpng does not properly check the length of chunks against the user limit.	There are no reported fixed by versions.
VCID-zetn-zwnv-u7gf Aliases: CVE-2016-10087	NULL Pointer Dereference The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.	1.6.26.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.6.28.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-8g2j-rqsk-zqfh
Aliases:
CVE-2017-12652

Improper Input Validation libpng does not properly check the length of chunks against the user limit.

There are no reported fixed by versions.

VCID-zetn-zwnv-u7gf
Aliases:
CVE-2016-10087

NULL Pointer Dereference The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

1.6.26.1
Affected by 1 other vulnerability.

1.6.28.1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-1h1a-mpgm-w3hf	Privilege Escalation Unspecified vulnerability in libpng, as used in Android , allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug	CVE-2016-3751
VCID-cu24-1rcd-93g3	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.	CVE-2015-8126

Vulnerability

Summary

Aliases

VCID-1h1a-mpgm-w3hf

Privilege Escalation Unspecified vulnerability in libpng, as used in Android , allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug

CVE-2016-3751

VCID-cu24-1rcd-93g3

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

CVE-2015-8126

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:55:59.920653+00:00	GitLab Importer	Affected by	VCID-8g2j-rqsk-zqfh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2017-12652.yml	38.4.0
2026-04-16T20:36:13.956175+00:00	GitLab Importer	Affected by	VCID-zetn-zwnv-u7gf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-10087.yml	38.4.0
2026-04-16T20:34:17.208284+00:00	GitLab Importer	Fixing	VCID-1h1a-mpgm-w3hf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-3751.yml	38.4.0
2026-04-16T20:32:56.115501+00:00	GitLab Importer	Fixing	VCID-cu24-1rcd-93g3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-8126.yml	38.4.0
2026-04-11T22:07:01.309771+00:00	GitLab Importer	Affected by	VCID-8g2j-rqsk-zqfh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2017-12652.yml	38.3.0
2026-04-11T21:46:47.425285+00:00	GitLab Importer	Affected by	VCID-zetn-zwnv-u7gf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-10087.yml	38.3.0
2026-04-11T21:44:45.211005+00:00	GitLab Importer	Fixing	VCID-1h1a-mpgm-w3hf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-3751.yml	38.3.0
2026-04-11T21:43:18.344099+00:00	GitLab Importer	Fixing	VCID-cu24-1rcd-93g3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-8126.yml	38.3.0
2026-04-02T22:19:48.665359+00:00	GitLab Importer	Affected by	VCID-8g2j-rqsk-zqfh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2017-12652.yml	38.1.0
2026-04-02T22:00:48.066844+00:00	GitLab Importer	Affected by	VCID-zetn-zwnv-u7gf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-10087.yml	38.1.0
2026-04-02T21:58:49.054860+00:00	GitLab Importer	Fixing	VCID-1h1a-mpgm-w3hf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-3751.yml	38.1.0
2026-04-02T21:57:26.975213+00:00	GitLab Importer	Fixing	VCID-cu24-1rcd-93g3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-8126.yml	38.1.0
2026-04-01T16:37:35.234277+00:00	GitLab Importer	Affected by	VCID-8g2j-rqsk-zqfh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2017-12652.yml	38.0.0
2026-04-01T16:17:59.016709+00:00	GitLab Importer	Affected by	VCID-zetn-zwnv-u7gf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-10087.yml	38.0.0
2026-04-01T12:47:04.711293+00:00	GitLab Importer	Fixing	VCID-1h1a-mpgm-w3hf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-3751.yml	38.0.0
2026-04-01T12:46:59.164892+00:00	GitLab Importer	Fixing	VCID-cu24-1rcd-93g3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-8126.yml	38.0.0