CyberSec.Space Logo
Back to CVE Browser

CVE-2017-12652

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile18.48th
PublishedJul 10, 2019
Last ModifiedJun 9, 2025

Vulnerability Description

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

Affected Platforms (CPE)

πŸ“¦
Libpng

Libpng

< 1.6.32
πŸ“¦
Netapp

Active Iq Unified Manager

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/109269
πŸ”— https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE
πŸ”— https://github.com/pnggroup/libpng/commit/347538efbdc21b8df684ebd92d37400b3ce85d55
πŸ”— https://security.netapp.com/advisory/ntap-20220506-0003/
πŸ”— https://support.f5.com/csp/article/K88124225
πŸ”— https://support.f5.com/csp/article/K88124225?utm_source=f5support&amp;utm_medium=RSS
πŸ”— http://www.securityfocus.com/bid/109269
πŸ”— https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE

Related Vulnerabilities

CVE-2004-059710.0

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary c...

CVE-2010-12059.8

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow rem...

CVE-2016-104249.8

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon ...

CVE-2018-145508.8

An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the func...