An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
{ "nvd_published_at": "2019-07-10T12:15:00Z", "cwe_ids": [ "CWE-787" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2021-03-22T15:41:48Z" }