An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
References
Link | Resource |
---|---|
https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token | Exploit Patch Third Party Advisory |
https://github.com/glennrp/libpng/issues/246 | Exploit Patch Third Party Advisory |
https://security.gentoo.org/glsa/201908-02 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20221028-0001/ | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuApr2021.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpuoct2021.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
01 Mar 2023, 01:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:* |
|
References |
|
18 Apr 2022, 16:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuApr2021.html - Patch, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201908-02 - Third Party Advisory | |
CPE | cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.6.0:*:*:*:*:*:*:* |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jun 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-07-10 12:15
Updated : 2024-02-04 20:20
NVD link : CVE-2018-14550
Mitre link : CVE-2018-14550
CVE.ORG link : CVE-2018-14550
JSON object : View
Products Affected
oracle
- hyperion_infrastructure_technology
- mysql_workbench
netapp
- active_iq_unified_manager
- oncommand_api_services
libpng
- libpng
CWE
CWE-787
Out-of-bounds Write