Vendor coverage

pngcrush_project vulnerabilities

Track published CVEs, severity trends, and remediation context for pngcrush_project products.

RSS

Total vulnerabilities

Critical issues

Average CVSS score

8.8

Search results

Filtered vulnerability results

Showing 1-2 of 2 vulnerabilities.

Sort current page

CVE-2015-2158HighCVSS7.8Published Oct 6, 2017

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.

Affected vendor

pngcrush project

Affected product

pngcrush

Coverage

Single affected product entry

CVSS

7.8

HIGH

Published

Oct 6, 2017

CVE-2015-7700CriticalCVSS9.8Published Aug 31, 2017

Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors.