CVE-2018-14048

Name
CVE-2018-14048
Description
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://github.com/glennrp/libpng/issues/238
Exploit https://github.com/fouzhe/security/tree/master/libpng
Patch http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
BUGTRAQ https://seclists.org/bugtraq/2019/Apr/30
MISC http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html
GENTOO https://security.gentoo.org/glsa/201908-02

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:libpng:libpng:1.6.34:*:*:*:*:*:*:* libpng == None == 1.6.34

Vulnerable and fixed packages

Source package Branch Version Maintainer Status