CVE-2019-6129

ADVISORY - nist

Summary

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.

EPSS Score⁠: 0.00433 (0.618)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-401⁠

Missing Release of Memory after Effective Lifetime

ADVISORY - redhat

CWE-400⁠

Uncontrolled Resource Consumption

Impacted images

Advisories

NIST

CREATED

6 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2019-6129⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-401⁠

CVSS SCORE

6.5medium

Debian

CREATED

6 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2019-6129⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

6 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2019-6129⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5low

Red Hat

CREATED

6 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2019-6129⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-400⁠

CVSS SCORE

3.3low

intheWild

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2019-6129⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY