CVE-2018-14550
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-14550
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14550.json
- Aliases
- Published
- 2019-07-10T12:15:10Z
- Modified
- 2023-11-29T06:27:50.762567Z
- Details
-
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
- References
-
- https://security.gentoo.org/glsa/201908-02
- https://security.netapp.com/advisory/ntap-20221028-0001/
- https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token
- https://github.com/glennrp/libpng/issues/246
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
Affected packages
Alpine:v3.10 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.11 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.12 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.13 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.14 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.15 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.16 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Alpine:v3.17 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r0
Alpine:v3.18 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r0
Alpine:v3.6 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
Alpine:v3.7 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
Alpine:v3.8 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
Alpine:v3.9 / libpng
Package
- Name
- libpng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0The exact introduced commit is unknownFixed1.6.37-r0
Affected versions
1.*
1.2.34-r0
1.2.35-r0
1.2.36-r0
1.2.37-r0
1.2.38-r0
1.2.39-r0
1.2.40-r0
1.4.0-r0
1.4.1-r0
1.4.1-r1
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.5-r1
1.5.2-r0
1.5.2-r1
1.5.2-r2
1.5.4-r0
1.5.5-r0
1.5.5-r1
1.5.8-r0
1.5.9-r0
1.5.10-r0
1.5.11-r0
1.5.12-r0
1.5.13-r0
1.5.14-r0
1.5.15-r0
1.5.16-r0
1.5.17-r0
1.6.3-r0
1.6.5-r0
1.6.6-r0
1.6.7-r0
1.6.8-r0
1.6.9-r0
1.6.10-r0
1.6.12-r0
1.6.13-r0
1.6.14-r0
1.6.15-r0
1.6.16-r0
1.6.17-r0
1.6.18-r0
1.6.19-r0
1.6.20-r0
1.6.21-r0
1.6.22-r0
1.6.23-r0
1.6.23-r1
1.6.23-r2
1.6.24-r0
1.6.25-r0
1.6.26-r0
1.6.27-r0
1.6.27-r1
1.6.28-r0
1.6.29-r0
1.6.29-r1
1.6.30-r0
1.6.31-r0
1.6.32-r0
1.6.34-r0
1.6.34-r1
1.6.35-r1
Git / github.com/clearlinux-pkgs/libpng
Affected ranges
- Type
- GIT
- Repo
- https://github.com/clearlinux-pkgs/libpng
- Events
-
Introduced0The exact introduced commit is unknownLast affected
Affected versions
1.*
1.6.18-12
1.6.19-13
1.6.19-14
1.6.20-15
1.6.20-16
1.6.21-17
1.6.21-18
1.6.21-19
1.6.22-20
1.6.23-21
1.6.24-22
1.6.25-23
1.6.25-27
1.6.25-28
1.6.26-29
1.6.26-30
1.6.26-32
1.6.26-34
1.6.26-35
1.6.27-37
1.6.28-38
1.6.28-39
1.6.29-40
1.6.29-42
1.6.29-43
1.6.30-45
1.6.31-46
1.6.32-48
1.6.33-49
1.6.34-50
1.6.34-51
1.6.34-53
1.6.35-54