Skip to main content

Pngcrush

2 CVEs product

Monthly

CVE-2015-2158 HIGH PATCH This Week

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service RCE Pngcrush
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2015-7700 CRITICAL Act Now

Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pngcrush
NVD
CVSS 3.0
9.8
EPSS
0.7%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service RCE Pngcrush
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pngcrush
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy