An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
References
Link | Resource |
---|---|
https://github.com/glennrp/libpng/issues/238 | Exploit Third Party Advisory |
https://github.com/fouzhe/security/tree/master/libpng | Exploit Third Party Advisory |
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | Patch |
https://seclists.org/bugtraq/2019/Apr/30 | Mailing List Third Party Advisory |
http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html | Third Party Advisory VDB Entry |
https://security.gentoo.org/glsa/201908-02 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2018-07-13 09:29
Updated : 2022-06-27 10:35
NVD link : CVE-2018-14048
Mitre link : CVE-2018-14048
JSON object : View
CWE
Products Affected
oracle
- jdk
- jre
libpng
- libpng