Search for packages
Package details: pkg:nuget/libpng@1.6.0
purl pkg:nuget/libpng@1.6.0
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-2vwq-s4y4-aaae
Aliases:
CVE-2015-8126
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
1.6.19.1
Affected by 3 other vulnerabilities.
VCID-731z-2fss-aaaq
Aliases:
CVE-2013-6954
Uncontrolled Resource Consumption The png_do_expand_palette function in libpng allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
1.6.18.1
Affected by 5 other vulnerabilities.
VCID-7ep2-beej-aaaf
Aliases:
CVE-2016-10087
NULL Pointer Dereference The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
1.6.26.1
Affected by 2 other vulnerabilities.
1.6.28.1
Affected by 2 other vulnerabilities.
VCID-7t81-ercm-aaam
Aliases:
CVE-2015-0973
Improper Restriction of Operations within the Bounds of a Memory Buffer Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
1.6.18.1
Affected by 5 other vulnerabilities.
VCID-apat-tmy7-aaac
Aliases:
CVE-2014-9495
Improper Restriction of Operations within the Bounds of a Memory Buffer Heap-based buffer overflow in the png_combine_row function in libpng, when running on systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
1.6.18.1
Affected by 5 other vulnerabilities.
VCID-f2se-ewwh-aaaa
Aliases:
CVE-2021-4214
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.
1.6.18.1
Affected by 5 other vulnerabilities.
VCID-p2mj-2bgk-aaar
Aliases:
CVE-2014-0333
Uncontrolled Resource Consumption The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
1.6.18.1
Affected by 5 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-01-16T23:28:14.293557+00:00 GitLab Importer Affected by VCID-7ep2-beej-aaaf None 35.1.0
2024-09-17T22:46:05.996127+00:00 GitLab Importer Affected by VCID-2vwq-s4y4-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-8126.yml 34.0.1
2024-09-17T22:46:05.744730+00:00 GitLab Importer Affected by VCID-f2se-ewwh-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2021-4214.yml 34.0.1
2024-09-17T22:46:05.489733+00:00 GitLab Importer Affected by VCID-p2mj-2bgk-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2014-0333.yml 34.0.1
2024-09-17T22:46:05.400812+00:00 GitLab Importer Affected by VCID-apat-tmy7-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2014-9495.yml 34.0.1
2024-09-17T22:46:05.332138+00:00 GitLab Importer Affected by VCID-731z-2fss-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2013-6954.yml 34.0.1
2024-09-17T22:46:05.223591+00:00 GitLab Importer Affected by VCID-7ep2-beej-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-10087.yml 34.0.1
2024-09-17T22:46:04.847023+00:00 GitLab Importer Affected by VCID-7t81-ercm-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-0973.yml 34.0.1
2024-01-03T18:07:26.517716+00:00 GitLab Importer Affected by VCID-2vwq-s4y4-aaae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-8126.yml 34.0.0rc1
2024-01-03T18:07:26.284478+00:00 GitLab Importer Affected by VCID-f2se-ewwh-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2021-4214.yml 34.0.0rc1
2024-01-03T18:07:26.053634+00:00 GitLab Importer Affected by VCID-p2mj-2bgk-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2014-0333.yml 34.0.0rc1
2024-01-03T18:07:25.976360+00:00 GitLab Importer Affected by VCID-apat-tmy7-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2014-9495.yml 34.0.0rc1
2024-01-03T18:07:25.922412+00:00 GitLab Importer Affected by VCID-731z-2fss-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2013-6954.yml 34.0.0rc1
2024-01-03T18:07:25.817701+00:00 GitLab Importer Affected by VCID-7ep2-beej-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2016-10087.yml 34.0.0rc1
2024-01-03T18:07:25.490331+00:00 GitLab Importer Affected by VCID-7t81-ercm-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libpng/CVE-2015-0973.yml 34.0.0rc1