FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
8fedf75c-ef2f-11e6-900e-003048f78448 | optipng -- multiple vulnerabilities
ifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.
The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
Discovery 2015-10-09 Entry 2017-02-16 optipng
< 0.7.6
CVE-2015-7802
CVE-2016-2191
CVE-2016-3981
CVE-2016-3982
|
bab05188-5d4b-11e5-9ad8-14dae9d210b8 | optipng -- use-after-free vulnerability
Gustavo Grieco reports:
We found a use-after-free causing an invalid/double free in
optipng 0.6.4.
Discovery 2015-09-16 Entry 2015-09-17 Modified 2015-10-14 optipng
le 0.6.5
http://seclists.org/oss-sec/2015/q3/556
CVE-2015-7801
|