Search for packages
| purl | pkg:nuget/libpng@1.5.10 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ef5v-w8g5-aaak
Aliases: CVE-2012-3425 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_push_read_zTXt function in pngpread.c in libpng allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. |
Affected by 5 other vulnerabilities. |
|
VCID-vq4h-f8a5-aaap
Aliases: CVE-2011-3048 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_set_text_2 function in pngset.c in libpng allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. |
Affected by 5 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:46:05.704935+00:00 | GitLab Importer | Affected by | VCID-vq4h-f8a5-aaap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2011-3048.yml | 34.0.1 |
| 2024-09-17T22:46:05.028327+00:00 | GitLab Importer | Affected by | VCID-ef5v-w8g5-aaak | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2012-3425.yml | 34.0.1 |
| 2024-01-03T18:07:26.247990+00:00 | GitLab Importer | Affected by | VCID-vq4h-f8a5-aaap | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2011-3048.yml | 34.0.0rc1 |
| 2024-01-03T18:07:25.648305+00:00 | GitLab Importer | Affected by | VCID-ef5v-w8g5-aaak | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2012-3425.yml | 34.0.0rc1 |