Memory Leak The advisory has been revoked - it doesn't affect any version of package libpng Open this link in a new tab
Threat Intelligence
EPSS
0.11% (44th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-UBUNTU1404-LIBPNG-336860
- published 11 Jan 2019
- disclosed 11 Jan 2019
Introduced: 11 Jan 2019
CVE-2019-6129 Open this link in a new tabAmendment
The Ubuntu
security team deemed this advisory irrelevant for Ubuntu:14.04
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream libpng
package and not the libpng
package as distributed by Ubuntu
.
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.