This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
edef3f2f-82cf-11df-bcce-0018f3e2eb82 | png -- libpng decompression buffer overflow The PNG project describes the problem in an advisory:
Discovery 2010-03-30 Entry 2010-06-28 Modified 2010-06-28 png < 1.4.3 41174 CVE-2010-1205 http://www.libpng.org/pub/png/libpng.html |
1886e195-8b87-11e5-90e7-b499baebfeaf | libpng buffer overflow in png_set_PLTE libpng reports:
Discovery 2015-11-15 Entry 2015-11-15 Modified 2015-12-08 png < 1.6.20 http://www.openwall.com/lists/oss-security/2015/11/12/2 http://www.openwall.com/lists/oss-security/2015/12/03/6 CVE-2015-8126 CVE-2015-8472 |
c564f9bd-8ba7-11e4-801f-0022156e8794 | png -- heap overflow for 32-bit builds 32-bit builds of PNG library are vulnerable to an unsigned integer overflow that is triggered by a crafted wide interlaced images. Overflow results in a heap corruption that will crash the application and may lead to the controlled overwrite of a selected portions of process address space. Discovery 2014-12-23 Entry 2015-01-05 png ge 1.2.6 lt 1.5.21 ge 1.6 lt 1.6.16 http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt http://codelabs.ru/security/vulns/analysis/libpng/2014-dec-libpng-1.6.15/ |
262b92fe-81c8-11e1-8899-001ec9578670 | png -- memory corruption/possible remote code execution The PNG project reports:
Discovery 2012-03-29 Entry 2012-04-08 png linux-f10-png < 1.4.11 CVE-2011-3048 http://www.libpng.org/pub/png/libpng.html |