Fluid Attacks Database

Description

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	libpng1.6	=1.6.37-3 \|\| =1.6.37-3+deb11u1 \|\| =1.6.37-3+deb11u2 \|\| =1.6.37-3+deb11u3 \|\| =1.6.37-4 \|\| =1.6.37-5 \|\| =1.6.38-1 \|\| =1.6.38-2 \|\| =1.6.39-1 \|\| =1.6.39-2 \|\| =1.6.40-1 \|\| =1.6.40-2 \|\| =1.6.40-3 \|\| =1.6.41-1 \|\| =1.6.42-1 \|\| =1.6.42-1.1~exp1 \|\| =1.6.43-1 \|\| =1.6.43-1exp1 \|\| =1.6.43-2 \|\| =1.6.43-3 \|\| =1.6.43-4 \|\| =1.6.43-5 \|\| =1.6.44-1 \|\| =1.6.44-2 \|\| =1.6.44-3 \|\| =1.6.45-1 \|\| =1.6.46-1 \|\| =1.6.46-2 \|\| =1.6.46-3 \|\| =1.6.46-4 \|\| =1.6.47-1 \|\| =1.6.47-1.1 \|\| =1.6.48-1 \|\| =1.6.49-1~exp1 \|\| =1.6.50-1 \|\| =1.6.50-1~exp1 \|\| =1.6.51-1 \|\| =1.6.52-1 \|\| =1.6.53-1 \|\| =1.6.54-1 \|\| =1.6.55-1 \|\| =1.6.56-1 \|\| =1.6.57-1 \|\| =1.6.58-1	-
debian 14	libpng1.6	>=0 <1.6.47-1	1.6.47-1
debian 12	libpng1.6	=1.6.39-2 \|\| =1.6.39-2+deb12u1 \|\| =1.6.39-2+deb12u2 \|\| =1.6.39-2+deb12u3 \|\| =1.6.39-2+deb12u4 \|\| =1.6.40-1 \|\| =1.6.40-2 \|\| =1.6.40-3 \|\| =1.6.41-1 \|\| =1.6.42-1 \|\| =1.6.42-1.1~exp1 \|\| =1.6.43-1 \|\| =1.6.43-1exp1 \|\| =1.6.43-2 \|\| =1.6.43-3 \|\| =1.6.43-4 \|\| =1.6.43-5 \|\| =1.6.44-1 \|\| =1.6.44-2 \|\| =1.6.44-3 \|\| =1.6.45-1 \|\| =1.6.46-1 \|\| =1.6.46-2 \|\| =1.6.46-3 \|\| =1.6.46-4 \|\| =1.6.47-1 \|\| =1.6.47-1.1 \|\| =1.6.48-1 \|\| =1.6.49-1~exp1 \|\| =1.6.50-1 \|\| =1.6.50-1~exp1 \|\| =1.6.51-1 \|\| =1.6.52-1 \|\| =1.6.53-1 \|\| =1.6.54-1 \|\| =1.6.55-1 \|\| =1.6.56-1 \|\| =1.6.57-1 \|\| =1.6.58-1	-
rpm rhel10	java-21-openjdk	-	-
rpm rhel8	java-17-openjdk	-	-
rpm rhel8	thunderbird	-	-
debian 13	libpng1.6	>=0 <1.6.47-1	1.6.47-1
rpm rhel10	firefox	-	-
rpm rhel8	java-1.8.0-openjdk	-	-
rpm rhel10	thunderbird	-	-

1-10 of 30

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.