cvedb.io
CVE-2019-6129
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2019-01-11T05:29:01.640 · Last modified 2026-06-17T02:38:39.130

Summary

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.

Affected products

libpng — libpng

Does this affect you?

Add your gear to cvedb and we'll alert you only when libpng ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.