Vulnerability Database

CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

  • Published: Feb 4, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-7317
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 2.6
  • AV:N/AC:H/Au:N/C:N/I:N/A:P

CWEs:

| Software | From | Fixed in |
| --- | --- | --- |
| libpng / libpng | 1.6.0 | 1.6.37 |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 18.10 | 18.10.x |
| canonical / ubuntu_linux | 19.04 | 19.04.x |
| oracle / jdk | 11.0.3 | 11.0.3.x |
| oracle / jdk | 12.0.1 | 12.0.1.x |
| oracle / java_se | 8u212 | 8u212.x |
| oracle / java_se | 7u221 | 7u221.x |
| oracle / mysql | - | 8.0.23 |
| oracle / hyperion_infrastructure_technology | 11.2.6.0 | 11.2.6.0.x |
| hpe / xp7_command_view_advanced_edition_suite | - | 8.7.0-00 |
| hp / xp7_command_view | - | 8.7.0-00 |
| opensuse / leap | 42.3 | 42.3.x |
| opensuse / leap | 15.0 | 15.0.x |
| opensuse / leap | 15.1 | 15.1.x |
| netapp / snapmanager | - | 3.4.2 |
| netapp / snapmanager | 3.4.2-p1 | 3.4.2-p1.x |
| netapp / active_iq_unified_manager | 9.6 | 9.6.x |
| netapp / active_iq_unified_manager | - | 9.6 |
| netapp / e-series_santricity_storage_manager | - | 11.53 |
| netapp / oncommand_insight | - | 7.3.9 |
| netapp / e-series_santricity_unified_manager | - | 3.2 |
| netapp / oncommand_workflow_automation | - | 5.1 |
| netapp / e-series_santricity_web_services | - | 4.0 |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_for_scientific_computing | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_for_scientific_computing | 7.0 | 7.0.x |
| redhat / enterprise_linux | 7.0 | 7.0.x |
| redhat / enterprise_linux | 6.0 | 6.0.x |
| redhat / enterprise_linux_for_ibm_z_systems | 6.0 | 6.0.x |
| redhat / enterprise_linux_for_power_little_endian | 7.0 | 7.0.x |
| redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
| redhat / enterprise_linux_for_power_big_endian | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
| redhat / enterprise_linux_for_power_big_endian | 7.0 | 7.0.x |
| redhat / enterprise_linux_for_ibm_z_systems | 7.0 | 7.0.x |
| redhat / satellite | 5.8 | 5.8.x |
| redhat / enterprise_linux | 8.0 | 8.0.x |
| redhat / enterprise_linux_for_power_little_endian | 8.0 | 8.0.x |
| redhat / enterprise_linux_for_ibm_z_systems | 8.0 | 8.0.x |