VulnerableCode Package Details - pkg:ebuild/media-libs/libpng@1.3

Search for packages

Vulnerability	Summary	Fixed by
VCID-4nkw-ugs7-aaae Aliases: CVE-2013-7353	Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.	1.6.10 Affected by 0 other vulnerabilities.
VCID-6xqm-tgr1-aaaj Aliases: CVE-2013-7354	Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.	1.6.10 Affected by 0 other vulnerabilities.
VCID-p2mj-2bgk-aaar Aliases: CVE-2014-0333	Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.	1.6.10 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-4nkw-ugs7-aaae
Aliases:
CVE-2013-7353

Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.

1.6.10
Affected by 0 other vulnerabilities.

VCID-6xqm-tgr1-aaaj
Aliases:
CVE-2013-7354

Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.

1.6.10
Affected by 0 other vulnerabilities.

VCID-p2mj-2bgk-aaar
Aliases:
CVE-2014-0333

Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.

1.6.10
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T12:41:51.059082+00:00	Gentoo Importer	Affected by	VCID-p2mj-2bgk-aaar	https://security.gentoo.org/glsa/201408-06	36.0.0
2025-03-28T12:41:51.043597+00:00	Gentoo Importer	Affected by	VCID-6xqm-tgr1-aaaj	https://security.gentoo.org/glsa/201408-06	36.0.0
2025-03-28T12:41:51.024550+00:00	Gentoo Importer	Affected by	VCID-4nkw-ugs7-aaae	https://security.gentoo.org/glsa/201408-06	36.0.0
2024-09-18T07:36:07.396706+00:00	Gentoo Importer	Affected by	VCID-p2mj-2bgk-aaar	https://security.gentoo.org/glsa/201408-06	34.0.1
2024-09-18T07:36:07.379389+00:00	Gentoo Importer	Affected by	VCID-6xqm-tgr1-aaaj	https://security.gentoo.org/glsa/201408-06	34.0.1
2024-09-18T07:36:07.361685+00:00	Gentoo Importer	Affected by	VCID-4nkw-ugs7-aaae	https://security.gentoo.org/glsa/201408-06	34.0.1
2024-01-04T01:42:15.035794+00:00	Gentoo Importer	Affected by	VCID-p2mj-2bgk-aaar	https://security.gentoo.org/glsa/201408-06	34.0.0rc1
2024-01-04T01:42:15.013069+00:00	Gentoo Importer	Affected by	VCID-6xqm-tgr1-aaaj	https://security.gentoo.org/glsa/201408-06	34.0.0rc1
2024-01-04T01:42:14.991737+00:00	Gentoo Importer	Affected by	VCID-4nkw-ugs7-aaae	https://security.gentoo.org/glsa/201408-06	34.0.0rc1