An integer overflow in the PngImg::InitStorage_() function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a crafted PNG file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-02-19T23:05:09
Updated: 2024-08-04T16:33:58.211Z
Reserved: 2020-11-06T00:00:00
Link: CVE-2020-28248
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-02-20T00:15:12.483
Modified: 2024-11-21T05:22:31.027
Link: CVE-2020-28248
Redhat
No data.