Memory Leak The advisory has been revoked - it doesn't affect any version of package libpng Open this link in a new tab

Threat Intelligence

EPSS 0.11% (44^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-UBUNTU1404-LIBPNG-336860
published 11 Jan 2019
disclosed 11 Jan 2019

Report a new vulnerability Found a mistake?

Introduced: 11 Jan 2019

CVE-2019-6129 Open this link in a new tab CWE-401 Open this link in a new tab

Amendment

The Ubuntu security team deemed this advisory irrelevant for Ubuntu:14.04.

NVD Description

Note: Versions mentioned in the description apply only to the upstream libpng package and not the libpng package as distributed by Ubuntu.

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.

Memory Leak The advisory has been revoked - it doesn't affect any version of package libpng Open this link in a new tab

Threat Intelligence

Introduced: 11 Jan 2019

Amendment

NVD Description

References