CVE-2018-13785

Published July 9th, 2018

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

pnggroup/libpng

LIBPNG: Portable Network Graphics support, official libpng repository

GitHub

1.6K