png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
|
Configuration 10 (hide)
|
History
23 May 2022, 15:02
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:java_se:12.0.1:*:*:*:*:*:*:* |
cpe:2.3:a:oracle:jdk:11.0.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:jdk:12.0.1:*:*:*:*:*:*:* |
First Time |
Oracle jdk
|
25 Apr 2022, 14:09
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat enterprise Linux For Power Little Endian
Netapp steelstore Netapp plug-in For Symantec Netbackup Netapp e-series Santricity Management Hp Netapp Oracle hyperion Infrastructure Technology Hpe Redhat enterprise Linux For Ibm Z Systems Redhat enterprise Linux For Scientific Computing Redhat enterprise Linux For Power Big Endian Netapp oncommand Workflow Automation Netapp e-series Santricity Unified Manager Netapp oncommand Insight Redhat enterprise Linux Workstation Hpe xp7 Command View Advanced Edition Suite Netapp snapmanager Mozilla firefox Esr Opensuse Redhat Redhat enterprise Linux Desktop Netapp e-series Santricity Web Services Oracle Mozilla Suse linux Enterprise Hp xp7 Command View Netapp cloud Backup Redhat satellite Netapp active Iq Unified Manager Opensuse package Hub Oracle java Se Suse Opensuse leap Netapp e-series Santricity Storage Manager Oracle mysql Redhat enterprise Linux Mozilla thunderbird |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html - Mailing List, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/May/67 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/May/56 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Apr/30 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1269 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/3991-1/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1267 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2494 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2737 - Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Apr/36 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2019/dsa-4448 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2495 - Third Party Advisory | |
References | (MISC) https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - Patch, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2590 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2592 - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201908-02 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html - Mailing List, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/May/59 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/3997-1/ - Third Party Advisory | |
References | (MISC) https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1308 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1309 - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2019/dsa-4451 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20190719-0005/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1265 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/108098 - Not Applicable, Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1310 - Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuApr2021.html - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4083-1/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2585 - Third Party Advisory | |
References | (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4080-1/ - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:java_se:12.0.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vcenter:*:* cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:* cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* cpe:2.3:a:hpe:xp7_command_view_advanced_edition_suite:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:* cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.6.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:java_se:7u221:*:*:*:*:*:*:* cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:e-series_santricity_storage_manager:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:sap:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:oracle:java_se:8u212:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:* cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:* cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:a:netapp:e-series_santricity_unified_manager:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:* cpe:2.3:a:opensuse:package_hub:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:* cpe:2.3:a:oracle:java_se:11.0.3:*:*:*:*:*:*:* cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:oracle:*:* cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jun 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MISC) http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html - VDB Entry, Third Party Advisory |
Information
Published : 2019-02-04 08:29
Updated : 2023-12-10 12:44
NVD link : CVE-2019-7317
Mitre link : CVE-2019-7317
CVE.ORG link : CVE-2019-7317
JSON object : View
Products Affected
netapp
- oncommand_workflow_automation
- cloud_backup
- oncommand_insight
- steelstore
- e-series_santricity_storage_manager
- active_iq_unified_manager
- snapmanager
- e-series_santricity_management
- plug-in_for_symantec_netbackup
- e-series_santricity_web_services
- e-series_santricity_unified_manager
opensuse
- package_hub
- leap
mozilla
- thunderbird
- firefox_esr
hp
- xp7_command_view
redhat
- enterprise_linux_desktop
- enterprise_linux_workstation
- enterprise_linux
- enterprise_linux_for_ibm_z_systems
- satellite
- enterprise_linux_for_power_big_endian
- enterprise_linux_for_power_little_endian
- enterprise_linux_for_scientific_computing
oracle
- hyperion_infrastructure_technology
- jdk
- mysql
- java_se
hpe
- xp7_command_view_advanced_edition_suite
suse
- linux_enterprise
canonical
- ubuntu_linux
libpng
- libpng
debian
- debian_linux
CWE
CWE-416
Use After Free