{"id":"CVE-2015-6818","details":"The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks.","modified":"2026-04-16T06:26:19.598387973Z","published":"2015-09-06T02:59:00Z","references":[{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2944-1"},{"type":"WEB","url":"http://ffmpeg.org/security.html"},{"type":"WEB","url":"http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=47f4e2d8960ca756ca153ab8e3e93d80449b8c91"},{"type":"WEB","url":"http://www.securitytracker.com/id/1033483"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"}],"schema_version":"1.7.5"}