← volver
CVE-2019-7317

CVE-2019-7317

CVSS 5.3 MEDIUMEPSS 9.4%CWE-416
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 9.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
04 feb 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.htmlhttp://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.htmlhttps://access.redhat.com/errata/RHSA-2019:1265https://access.redhat.com/errata/RHSA-2019:1267https://access.redhat.com/errata/RHSA-2019:1269https://access.redhat.com/errata/RHSA-2019:1308https://access.redhat.com/errata/RHSA-2019:1309https://access.redhat.com/errata/RHSA-2019:1310