Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure
Vulnerability Description
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter on the same png_struct/png_info pair causes the setter to read from freed memory and copy its contents into the replacement buffer. The setter frees the internal buffer before copying from the caller-supplied pointer, which now dangles. The freed region may contain stale data (producing silently corrupted chunk metadata) or data from subsequent heap allocations (leaking unrelated heap contents into the chunk struct). This vulnerability is fixed in 1.6.57.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
释放后使用
Vulnerability Title
libpng 资源管理错误漏洞
Vulnerability Description
libpng是The PNG Development Group开源的一个可对PNG图形文件实现创建、读写等操作的PNG参考库。 LIBPNG 1.0.9至1.6.57之前版本存在资源管理错误漏洞,该漏洞源于将从png_get_PLTE、png_get_tRNS或png_get_hIST获取的指针传递回同一png_struct/png_info对的相应设置器时,设置器会从已释放内存中读取数据并复制到替换缓冲区,可能导致静默损坏块元数据或将无关堆内容泄露到块结构中。
CVSS Information
N/A
Vulnerability Type
N/A