libpng 1.5.25

CPE Details

libpng 1.5.25
libpng
libpng
1.5.25
2016-04-26
16h23 +00:00
2016-04-26
16h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:libpng:libpng:1.5.25:*:*:*:*:*:*:*

Informations

Vendor

libpng

Product

libpng

Version

1.5.25

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-12652 2019-07-10 12h10 +00:00 libpng before 1.6.32 does not properly check the length of chunks against the user limit.
9.8
Critical
CVE-2016-10087 2017-01-30 21h00 +00:00 The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
7.5
High
CVE-2016-3751 2016-07-10 23h00 +00:00 Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085.
7.8
High
CVE-2015-8540 2016-04-14 12h00 +00:00 Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
8.8
High