« List of all CVEs

CVE-2019-6129

Published: 1/11/2019 Last updated: 8/4/2024 Reserved: 1/10/2019

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (4)

conf-gd conf-libpng grib qrencode

Products affected (2)

Product Vendor Version
n/a n/a < de5857fa7bcc9a496a914c7e21390be873109f26
n/a n/a <= 6.6.*

References (8)