VulnerableCode Package Details - pkg:ebuild/media-libs/libpng@1.6.10

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4nkw-ugs7-aaae	Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.	CVE-2013-7353
VCID-6xqm-tgr1-aaaj	Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.	CVE-2013-7354
VCID-p2mj-2bgk-aaar	Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.	CVE-2014-0333

Vulnerability

Summary

Aliases

VCID-4nkw-ugs7-aaae

Heap-based Buffer Overflow Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.

CVE-2013-7353

VCID-6xqm-tgr1-aaaj

Uncontrolled Resource Consumption Multiple integer overflows in libpng rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.

CVE-2013-7354

VCID-p2mj-2bgk-aaar

Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.

CVE-2014-0333

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T12:41:51.064044+00:00	Gentoo Importer	Fixing	VCID-p2mj-2bgk-aaar	https://security.gentoo.org/glsa/201408-06	36.0.0
2025-03-28T12:41:51.047937+00:00	Gentoo Importer	Fixing	VCID-6xqm-tgr1-aaaj	https://security.gentoo.org/glsa/201408-06	36.0.0
2025-03-28T12:41:51.029525+00:00	Gentoo Importer	Fixing	VCID-4nkw-ugs7-aaae	https://security.gentoo.org/glsa/201408-06	36.0.0
2024-09-18T07:36:07.401581+00:00	Gentoo Importer	Fixing	VCID-p2mj-2bgk-aaar	https://security.gentoo.org/glsa/201408-06	34.0.1
2024-09-18T07:36:07.384269+00:00	Gentoo Importer	Fixing	VCID-6xqm-tgr1-aaaj	https://security.gentoo.org/glsa/201408-06	34.0.1
2024-09-18T07:36:07.366546+00:00	Gentoo Importer	Fixing	VCID-4nkw-ugs7-aaae	https://security.gentoo.org/glsa/201408-06	34.0.1
2024-01-04T01:42:15.040747+00:00	Gentoo Importer	Fixing	VCID-p2mj-2bgk-aaar	https://security.gentoo.org/glsa/201408-06	34.0.0rc1
2024-01-04T01:42:15.017849+00:00	Gentoo Importer	Fixing	VCID-6xqm-tgr1-aaaj	https://security.gentoo.org/glsa/201408-06	34.0.0rc1
2024-01-04T01:42:14.996714+00:00	Gentoo Importer	Fixing	VCID-4nkw-ugs7-aaae	https://security.gentoo.org/glsa/201408-06	34.0.0rc1