Search for packages
Package details: pkg:deb/ubuntu/libpng1.6@1.6.26-6
purl pkg:deb/ubuntu/libpng1.6@1.6.26-6
Next non-vulnerable version 1.6.37-1
Latest non-vulnerable version 1.6.37-1
Risk 4.5
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-4wrn-uqht-aaan
Aliases:
CVE-2017-12652
Improper Input Validation libpng does not properly check the length of chunks against the user limit.
1.6.37-1
Affected by 0 other vulnerabilities.
VCID-7ep2-beej-aaaf
Aliases:
CVE-2016-10087
NULL Pointer Dereference The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
1.6.27-1
Affected by 4 other vulnerabilities.
VCID-8hwe-kj4e-aaaj
Aliases:
CVE-2018-14048
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
1.6.37-1
Affected by 0 other vulnerabilities.
VCID-97x6-pdeg-aaah
Aliases:
CVE-2019-7317
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
1.6.36-5
Affected by 2 other vulnerabilities.
VCID-guvv-1uwj-aaas
Aliases:
CVE-2018-13785
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
1.6.34-1ubuntu0.18.04.1
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version