Pngcrush ProjectCVEs & Vulnerabilities
2 CVEs affecting Pngcrush Project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
pngcrush 2
CVE-2015-2158HIGH
Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.
6 Oct 2017
7.8
CVSS
CVE-2015-7700CRITICAL
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors.
1 Sep 2017
9.8
CVSS
← PrevPage 1 / 1Next →