An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html | Third Party Advisory VDB Entry |
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | Patch |
https://github.com/fouzhe/security/tree/master/libpng | Exploit Third Party Advisory |
https://github.com/glennrp/libpng/issues/238 | Exploit Third Party Advisory |
https://seclists.org/bugtraq/2019/Apr/30 | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201908-02 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
27 Jun 2022, 17:35
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/201908-02 - Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Apr/30 - Mailing List, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html - Third Party Advisory, VDB Entry |
13 May 2022, 14:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:jdk:1.6.0:update_201:*:*:*:*:*:* cpe:2.3:a:oracle:jre:1.7.0:update_191:*:*:*:*:*:* cpe:2.3:a:oracle:jre:1.8.0:update_181:*:*:*:*:*:* |
cpe:2.3:a:oracle:jre:1.7.0:update191:*:*:*:*:*:* cpe:2.3:a:oracle:jre:1.6.0:update201:*:*:*:*:*:* cpe:2.3:a:oracle:jre:1.8.0:update181:*:*:*:*:*:* cpe:2.3:a:oracle:jdk:1.6.0:update201:*:*:*:*:*:* |
Information
Published : 2018-07-13 16:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-14048
Mitre link : CVE-2018-14048
CVE.ORG link : CVE-2018-14048
JSON object : View
Products Affected
oracle
- jdk
- jre
libpng
- libpng
CWE