VulnerableCode Package Details - pkg:deb/ubuntu/libpng1.6@1.6.36-5~build2

Search for packages

Package details: pkg:deb/ubuntu/libpng1.6@1.6.36-5~build2

Essentials
History (0)

purl	pkg:deb/ubuntu/libpng1.6@1.6.36-5~build2

Next non-vulnerable version	1.6.37-1
Latest non-vulnerable version	1.6.37-1
Risk	4.5

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-4wrn-uqht-aaan Aliases: CVE-2017-12652	Improper Input Validation libpng does not properly check the length of chunks against the user limit.	1.6.37-1 Affected by 0 other vulnerabilities.
VCID-8hwe-kj4e-aaaj Aliases: CVE-2018-14048	An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.	1.6.37-1 Affected by 0 other vulnerabilities.
VCID-97x6-pdeg-aaah Aliases: CVE-2019-7317	png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.	1.6.36-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version