PT-2018-12302 · Png Development+2 · Libpng+2

Ax3L

Publicado

2018-07-13

Atualizado

2026-04-14

CVE-2018-14048

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libpng version 1.6.34

Description The issue is related to a SEGV in the function png free data in png.c, which is connected to the recommended error handling for png read image.

Recommendations For libpng version 1.6.34, consider applying the recommended error handling for png read image to prevent the SEGV in the png free data function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2018-2451

ALT-PU-2019-2547

CLEANSTART-2026-NJ21771

CVE-2018-14048

OPENSUSE-SU-2024:10972-1

USN-5432-1

USN-5432-2

Produtos afetados

Alt Linux

Ubuntu

Libpng

PT-2018-12302 · Png Development+2 · Libpng+2

CVE-2018-14048

Identificadores relacionados

Produtos afetados

Referências · 37