Vulnerabilities (CVE)

Filtered by vendor Pngcrush Project Subscribe
Filtered by product Pngcrush
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7700 1 Pngcrush Project 1 Pngcrush 2024-11-21 7.5 HIGH 9.8 CRITICAL
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors.
CVE-2015-2158 1 Pngcrush Project 1 Pngcrush 2024-11-21 6.8 MEDIUM 7.8 HIGH
Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.