{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38465?format=json","vulnerability_id":"VCID-y21n-ekwz-ayep","summary":"NULL Pointer Dereference\nThe png_set_text_2 function in libpng  allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.","aliases":[{"alias":"CVE-2016-10087"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53246?format=json","purl":"pkg:nuget/libpng@1.6.28.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.6.28.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53240?format=json","purl":"pkg:nuget/libpng@0.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@0.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/53241?format=json","purl":"pkg:nuget/libpng@1.0.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.0.28"},{"url":"http://public2.vulnerablecode.io/api/packages/51163?format=json","purl":"pkg:nuget/libpng@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4se8-jgv9-f3cb"},{"vulnerability":"VCID-8t7j-kq5w-3kd3"},{"vulnerability":"VCID-97n4-usr2-m3b1"},{"vulnerability":"VCID-m97q-c2fu-7kd9"},{"vulnerability":"VCID-nyc6-h81f-rqav"},{"vulnerability":"VCID-rcb6-uwnn-1ffn"},{"vulnerability":"VCID-wvz9-9g5m-k3cn"},{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/53242?format=json","purl":"pkg:nuget/libpng@1.2.56","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.2.56"},{"url":"http://public2.vulnerablecode.io/api/packages/51164?format=json","purl":"pkg:nuget/libpng@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-24gs-g6rh-v7gh"},{"vulnerability":"VCID-4se8-jgv9-f3cb"},{"vulnerability":"VCID-8t7j-kq5w-3kd3"},{"vulnerability":"VCID-97n4-usr2-m3b1"},{"vulnerability":"VCID-b757-b3zk-c7d8"},{"vulnerability":"VCID-m97q-c2fu-7kd9"},{"vulnerability":"VCID-nyc6-h81f-rqav"},{"vulnerability":"VCID-p2gz-v2eb-n3bs"},{"vulnerability":"VCID-rcb6-uwnn-1ffn"},{"vulnerability":"VCID-wvz9-9g5m-k3cn"},{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/53243?format=json","purl":"pkg:nuget/libpng@1.4.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.4.19"},{"url":"http://public2.vulnerablecode.io/api/packages/51198?format=json","purl":"pkg:nuget/libpng@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4se8-jgv9-f3cb"},{"vulnerability":"VCID-8t7j-kq5w-3kd3"},{"vulnerability":"VCID-97n4-usr2-m3b1"},{"vulnerability":"VCID-9whv-nakg-7uep"},{"vulnerability":"VCID-bem6-n5ch-j3c4"},{"vulnerability":"VCID-m97q-c2fu-7kd9"},{"vulnerability":"VCID-nyc6-h81f-rqav"},{"vulnerability":"VCID-p2gz-v2eb-n3bs"},{"vulnerability":"VCID-wvz9-9g5m-k3cn"},{"vulnerability":"VCID-y21n-ekwz-ayep"},{"vulnerability":"VCID-yfe1-js79-y3hv"},{"vulnerability":"VCID-z7uy-uene-gkb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/53244?format=json","purl":"pkg:nuget/libpng@1.5.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.5.27"},{"url":"http://public2.vulnerablecode.io/api/packages/51701?format=json","purl":"pkg:nuget/libpng@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-54s1-pkq4-aqhu"},{"vulnerability":"VCID-8dc9-x82x-2yg1"},{"vulnerability":"VCID-a899-g3pw-aqfj"},{"vulnerability":"VCID-vd75-tvxc-9bah"},{"vulnerability":"VCID-y21n-ekwz-ayep"},{"vulnerability":"VCID-z7uy-uene-gkb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/53245?format=json","purl":"pkg:nuget/libpng@1.6.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y21n-ekwz-ayep"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libpng@1.6.26"}],"references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10087","reference_id":"CVE-2016-10087","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10087"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":476,"name":"NULL Pointer Dereference","description":"A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y21n-ekwz-ayep"}