{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7317", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "refsource": "BUGTRAQ", "name": "20190417 [slackware-security] libpng (SSA:2019-107-01)", "url": "https://seclists.org/bugtraq/2019/Apr/30" }, { "refsource": "DEBIAN", "name": "DSA-4435", "url": "https://www.debian.org/security/2019/dsa-4435" }, { "refsource": "BUGTRAQ", "name": "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", "url": "https://seclists.org/bugtraq/2019/Apr/36" }, { "refsource": "UBUNTU", "name": "USN-3962-1", "url": "https://usn.ubuntu.com/3962-1/" }, { "refsource": "UBUNTU", "name": "USN-3991-1", "url": "https://usn.ubuntu.com/3991-1/" }, { "refsource": "BUGTRAQ", "name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "url": "https://seclists.org/bugtraq/2019/May/56" }, { "refsource": "BUGTRAQ", "name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "url": "https://seclists.org/bugtraq/2019/May/59" }, { "refsource": "DEBIAN", "name": "DSA-4448", "url": "https://www.debian.org/security/2019/dsa-4448" }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html" }, { "refsource": "REDHAT", "name": "RHSA-2019:1265", "url": "https://access.redhat.com/errata/RHSA-2019:1265" }, { "refsource": "REDHAT", "name": "RHSA-2019:1267", "url": "https://access.redhat.com/errata/RHSA-2019:1267" }, { "refsource": "REDHAT", "name": "RHSA-2019:1269", "url": "https://access.redhat.com/errata/RHSA-2019:1269" }, { "refsource": "DEBIAN", "name": "DSA-4451", "url": "https://www.debian.org/security/2019/dsa-4451" }, { "refsource": "BUGTRAQ", "name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "url": "https://seclists.org/bugtraq/2019/May/67" }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html" }, { "refsource": "UBUNTU", "name": "USN-3997-1", "url": "https://usn.ubuntu.com/3997-1/" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1484", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html" }, { "refsource": "REDHAT", "name": "RHSA-2019:1310", "url": "https://access.redhat.com/errata/RHSA-2019:1310" }, { "refsource": "REDHAT", "name": "RHSA-2019:1308", "url": "https://access.redhat.com/errata/RHSA-2019:1308" }, { "refsource": "REDHAT", "name": "RHSA-2019:1309", "url": "https://access.redhat.com/errata/RHSA-2019:1309" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1534", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1664", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html" }, { "refsource": "BID", "name": "108098", "url": "http://www.securityfocus.com/bid/108098" }, { "refsource": "UBUNTU", "name": "USN-4080-1", "url": "https://usn.ubuntu.com/4080-1/" }, { "refsource": "UBUNTU", "name": "USN-4083-1", "url": "https://usn.ubuntu.com/4083-1/" }, { "refsource": "GENTOO", "name": "GLSA-201908-02", "url": "https://security.gentoo.org/glsa/201908-02" }, { "refsource": "REDHAT", "name": "RHSA-2019:2494", "url": "https://access.redhat.com/errata/RHSA-2019:2494" }, { "refsource": "REDHAT", "name": "RHSA-2019:2495", "url": "https://access.redhat.com/errata/RHSA-2019:2495" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1916", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1912", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" }, { "refsource": "REDHAT", "name": "RHSA-2019:2585", "url": "https://access.redhat.com/errata/RHSA-2019:2585" }, { "refsource": "REDHAT", "name": "RHSA-2019:2590", "url": "https://access.redhat.com/errata/RHSA-2019:2590" }, { "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" }, { "refsource": "REDHAT", "name": "RHSA-2019:2737", "url": "https://access.redhat.com/errata/RHSA-2019:2737" }, { "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803" }, { "name": "https://github.com/glennrp/libpng/issues/275", "refsource": "MISC", "url": "https://github.com/glennrp/libpng/issues/275" }, { "refsource": "MISC", "name": "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", "url": "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html" }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190719-0005/", "url": "https://security.netapp.com/advisory/ntap-20190719-0005/" }, { "refsource": "CONFIRM", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ] } }