CVE-2018-14047

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-14047
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14047.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-14047
Published
2018-07-13T16:29:00.330Z
Modified
2026-03-14T09:27:39.066692Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a "Warning: PNGwriter was never designed for reading untrusted files with it. Do NOT use this in sensitive environments, especially DO NOT read PNGs from unknown sources with it!" statement in the master/README.md file

References

Affected packages

Git / github.com/pngwriter/pngwriter

Affected ranges

Type
GIT
Repo
https://github.com/pngwriter/pngwriter
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
79bb3ef5ebd91996bc4cd02cdc031c5cd560b897
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.7.0"
        }
    ]
}

Affected versions

0.*
0.5.4
0.5.5
0.5.6
0.6.0
0.7.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14047.json"