vulnerability

Red Hat: CVE-2019-7317: CVE-2019-7317 libpng: use-after-free in png_image_free in png.c (Multiple Advisories)

Severity
3
CVSS
(AV:N/AC:H/Au:N/C:N/I:N/A:P)
Published
Feb 4, 2019
Added
May 24, 2019
Modified
Jul 9, 2025

Description

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

Solution(s)

no-fix-redhat-rpm-packageredhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsourceredhat-upgrade-java-1-7-1-ibmredhat-upgrade-java-1-7-1-ibm-demoredhat-upgrade-java-1-7-1-ibm-develredhat-upgrade-java-1-7-1-ibm-jdbcredhat-upgrade-java-1-7-1-ibm-pluginredhat-upgrade-java-1-7-1-ibm-srcredhat-upgrade-java-1-8-0-ibmredhat-upgrade-java-1-8-0-ibm-demoredhat-upgrade-java-1-8-0-ibm-develredhat-upgrade-java-1-8-0-ibm-headlessredhat-upgrade-java-1-8-0-ibm-jdbcredhat-upgrade-java-1-8-0-ibm-pluginredhat-upgrade-java-1-8-0-ibm-srcredhat-upgrade-java-1-8-0-ibm-webstartredhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginforedhat-upgrade-thunderbird-debugsource
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.