Search CVE reports
21 – 30 of 57 results
Some fixes available 1 of 7
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large...
4 affected packages
chromium-browser, firefox, libpng, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| thunderbird | — | — | — | — |
Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified...
4 affected packages
chromium-browser, firefox, libpng, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| thunderbird | — | — | — | — |
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image...
1 affected package
libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | — | — | — |
Some fixes available 5 of 7
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a...
4 affected packages
chromium-browser, firefox, libpng, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| thunderbird | — | — | — | — |
Some fixes available 6 of 10
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application...
4 affected packages
chromium-browser, firefox, libpng, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| thunderbird | — | — | — | — |
Some fixes available 16 of 19
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
5 affected packages
chromium-browser, firefox, libpng, thunderbird, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 12 of 14
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 8 of 10
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 8 of 9
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 11 of 13
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |