漏洞标题
N/A
漏洞描述信息
**争议** 在PNGwriter 0.7.0中发现了一个问题。它是pngwriter::readfromfile在pngwriter.cc中的SEGV。注意:在master/README.md文件中,有一个“警告:PNGwriter从未设计用于与它读取不信任的文件。在敏感环境中,尤其是不要使用它读取来自未知来源的PNG!”的声明。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a "Warning: PNGwriter was never designed for reading untrusted files with it. Do NOT use this in sensitive environments, especially DO NOT read PNGs from unknown sources with it!" statement in the master/README.md file
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
PNGwriter 安全漏洞
漏洞描述信息
PNGwriter是一个用于创建PNG图像的C++库。 PNGwriter 0.7.0版本中的pngwriter.cc文件的‘pngwriter::readfromfile’函数存在安全漏洞。攻击者可利用该漏洞造成拒绝服务(段错误)。
CVSS信息
N/A
漏洞类别
授权问题