Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-COCOAPODS-LIBPNG-472125
- published 9 Oct 2019
- disclosed 10 Jul 2019
- credit Unknown
How to fix?
libpng to version 1.6.32 or higher.
libpng is a Portable Network Graphics support library
Affected versions of this package are vulnerable to Improper Input Validation. Does not properly check the length of chunks against the user limit. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions.