CVE-2019-7317

Source
Severity Low
Remote No
Type Denial of service
Description
png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute.
Group Package Affected Fixed Severity Status Ticket
AVG-868 libpng 1.6.36-1 1.6.36-2 Low Fixed
References
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
https://github.com/glennrp/libpng/issues/275