{"id":"CVE-2019-7317","details":"png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.","modified":"2026-04-16T04:40:31.103268117Z","published":"2019-02-04T08:29:00.447Z","related":["CGA-fq2m-44cx-vmpr","SUSE-SU-2019:1388-1","SUSE-SU-2019:1398-1","SUSE-SU-2019:1398-2","SUSE-SU-2019:1405-1","SUSE-SU-2019:14160-1","SUSE-SU-2019:14188-1","SUSE-SU-2019:1458-1","SUSE-SU-2019:2002-1","SUSE-SU-2019:2021-1","SUSE-SU-2019:2028-1","SUSE-SU-2019:2036-1","SUSE-SU-2019:2036-2","SUSE-SU-2019:2291-1","SUSE-SU-2019:2336-1","SUSE-SU-2019:2371-1","SUSE-SU-2019:3060-2","openSUSE-SU-2019:1530-1","openSUSE-SU-2019:1534-1","openSUSE-SU-2019:1664-1","openSUSE-SU-2019:1912-1","openSUSE-SU-2019:1916-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:10871-1","openSUSE-SU-2024:10872-1","openSUSE-SU-2024:10876-1","openSUSE-SU-2024:10972-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201908-02"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2585"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4451"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/108098"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2592"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2737"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4080-1/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190719-0005/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3997-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4448"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2495"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2590"},{"type":"ADVISORY","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3962-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3991-1/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4083-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4435"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2494"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/May/67"},{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803"},{"type":"REPORT","url":"https://github.com/glennrp/libpng/issues/275"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/May/59"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/Apr/30"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/Apr/36"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/May/56"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"0"},{"last_affected":"270fd3411e3d671a73ed9725940a30080f59ce6d"},{"introduced":"0"},{"last_affected":"527c12ed611f3fe072c3043734319edb2c733099"},{"introduced":"0"},{"fixed":"7ed30a748964c009d4909cb8b4b22036ebdef239"},{"introduced":"0"},{"fixed":"447eb26e094b444a88c532028647e48228c3c04f"},{"introduced":"0"},{"fixed":"447eb26e094b444a88c532028647e48228c3c04f"},{"introduced":"0"},{"last_affected":"447eb26e094b444a88c532028647e48228c3c04f"},{"introduced":"0"},{"last_affected":"447eb26e094b444a88c532028647e48228c3c04f"},{"introduced":"0"},{"fixed":"617021c443f2e5938dc708ec6de56debab6e3aec"},{"introduced":"0"},{"last_affected":"270fd3411e3d671a73ed9725940a30080f59ce6d"},{"introduced":"0"},{"last_affected":"270fd3411e3d671a73ed9725940a30080f59ce6d"},{"introduced":"0"},{"last_affected":"270fd3411e3d671a73ed9725940a30080f59ce6d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.0"},{"introduced":"0"},{"last_affected":"9.0"},{"introduced":"0"},{"fixed":"8.0.23"},{"introduced":"0"},{"fixed":"9.6"},{"introduced":"0"},{"fixed":"9.6"},{"introduced":"0"},{"last_affected":"9.6"},{"introduced":"0"},{"last_affected":"9.6"},{"introduced":"0"},{"fixed":"7.3.9"},{"introduced":"0"},{"last_affected":"8.0"},{"introduced":"0"},{"last_affected":"8.0"},{"introduced":"0"},{"last_affected":"8.0"}]}},{"type":"GIT","repo":"https://github.com/pnggroup/libpng","events":[{"introduced":"c53778ff53a73ad2d676602f5dc7019566be5058"},{"fixed":"a40189cf881e9f0db80511c382292a5604c3c3d1"}],"database_specific":{"versions":[{"introduced":"1.6.0"},{"fixed":"1.6.37"}]}}],"versions":["libpng-1.6.10-signed","libpng-1.6.11-signed","libpng-1.6.12-signed","libpng-1.6.13-signed","libpng-1.6.14-signed","libpng-1.6.15-signed","libpng-1.6.16-signed","libpng-1.6.17-signed","libpng-1.6.18-signed","libpng-1.6.2-signed","libpng-1.6.20-signed","libpng-1.6.21-signed","libpng-1.6.23-signed","libpng-1.6.24-signed","libpng-1.6.25-signed","libpng-1.6.26-signed","libpng-1.6.29-signed","libpng-1.6.3-signed","libpng-1.6.30-master-signed","libpng-1.6.30-signed","libpng-1.6.31-master-signed","libpng-1.6.31-signed","libpng-1.6.4-signed","libpng-1.6.7-signed","libpng-1.6.8-signed","libpng-1.6.9-signed","mysql-3.23.22-beta","mysql-3.23.28-gamma","mysql-3.23.30-gamma","mysql-3.23.31","mysql-3.23.32","mysql-3.23.33","mysql-3.23.36","mysql-4.0.2","mysql-4.0.4","mysql-5.1.4","mysql-8.0.0","mysql-9.0.0","mysql-9.0.0-release","mysql-9.6.0","mysql-cluster-9.0.0","mysql-cluster-9.6.0","v1.6.0","v1.6.1","v1.6.10","v1.6.10beta01","v1.6.10beta02","v1.6.10rc01","v1.6.10rc02","v1.6.10rc03","v1.6.11","v1.6.11beta01","v1.6.11beta02","v1.6.11beta03","v1.6.11beta04","v1.6.11beta05","v1.6.11beta06","v1.6.11rc01","v1.6.11rc02","v1.6.12","v1.6.12rc01","v1.6.12rc02","v1.6.12rc03","v1.6.13","v1.6.13beta01","v1.6.13beta02","v1.6.13beta03","v1.6.13beta04","v1.6.13rc01","v1.6.14","v1.6.14beta01","v1.6.14beta02","v1.6.14beta03","v1.6.14beta04","v1.6.14beta05","v1.6.14beta06","v1.6.14beta07","v1.6.14rc01","v1.6.14rc02","v1.6.15","v1.6.15beta01","v1.6.15beta02","v1.6.15beta03","v1.6.15beta04","v1.6.15beta05","v1.6.15beta06","v1.6.15beta07","v1.6.15beta08","v1.6.15rc01","v1.6.15rc02","v1.6.15rc03","v1.6.16","v1.6.16beta01","v1.6.16beta02","v1.6.16beta03","v1.6.16rc01","v1.6.16rc02","v1.6.16rc03","v1.6.17","v1.6.17beta01","v1.6.17beta02","v1.6.17beta03","v1.6.17beta04","v1.6.17beta05","v1.6.17rc01","v1.6.17rc02","v1.6.17rc03","v1.6.17rc04","v1.6.17rc05","v1.6.17rc06","v1.6.18","v1.6.18beta01","v1.6.18beta02","v1.6.18beta03","v1.6.18beta04","v1.6.18beta05","v1.6.18beta06","v1.6.18beta07","v1.6.18beta08","v1.6.18beta09","v1.6.18rc01","v1.6.18rc02","v1.6.18rc03","v1.6.19","v1.6.19beta01","v1.6.19beta02","v1.6.19beta03","v1.6.19beta04","v1.6.19rc01","v1.6.19rc02","v1.6.19rc03","v1.6.19rc04","v1.6.1beta01","v1.6.1beta02","v1.6.1beta03","v1.6.1beta04","v1.6.1beta05","v1.6.1beta06","v1.6.1beta07","v1.6.1beta08","v1.6.1beta09","v1.6.1rc01","v1.6.2","v1.6.20beta01","v1.6.20beta02","v1.6.20beta03","v1.6.20rc01","v1.6.20rc02","v1.6.21","v1.6.21beta01","v1.6.21beta02","v1.6.21beta03","v1.6.21rc01","v1.6.21rc02","v1.6.22","v1.6.22beta01","v1.6.22beta02","v1.6.22beta05","v1.6.22beta06","v1.6.22rc01","v1.6.22rc02","v1.6.22rc03","v1.6.23","v1.6.23beta01","v1.6.23rc01","v1.6.23rc02","v1.6.24","v1.6.24beta02","v1.6.24beta03","v1.6.24beta04","v1.6.24beta05","v1.6.24beta06","v1.6.24rc01","v1.6.24rc02","v1.6.24rc03","v1.6.25","v1.6.25beta02","v1.6.25rc04","v1.6.26","v1.6.26beta01","v1.6.26beta02","v1.6.26beta03","v1.6.26beta04","v1.6.26beta05","v1.6.26beta06","v1.6.26rc01","v1.6.27beta01","v1.6.29","v1.6.29beta02","v1.6.29beta03","v1.6.29rc01","v1.6.2beta01","v1.6.2beta02","v1.6.2rc01","v1.6.2rc02","v1.6.2rc03","v1.6.2rc04","v1.6.2rc05","v1.6.2rc06","v1.6.3","v1.6.30","v1.6.30beta01","v1.6.30beta02","v1.6.30beta03","v1.6.30beta04","v1.6.30rc01","v1.6.31","v1.6.31beta01","v1.6.31beta02","v1.6.31beta03","v1.6.31beta04","v1.6.31beta05","v1.6.31beta06","v1.6.31beta07","v1.6.31rc01","v1.6.31rc02","v1.6.32","v1.6.32beta01","v1.6.32beta02","v1.6.32beta03","v1.6.32beta05","v1.6.32beta06","v1.6.32beta07","v1.6.32beta08","v1.6.32beta09","v1.6.32beta10","v1.6.32beta11","v1.6.32rc01","v1.6.32rc02","v1.6.33","v1.6.33beta01","v1.6.33beta02","v1.6.33beta03","v1.6.33rc01","v1.6.33rc02","v1.6.34","v1.6.35","v1.6.35beta01","v1.6.36","v1.6.3beta01","v1.6.3beta02","v1.6.3beta03","v1.6.3beta04","v1.6.3beta05","v1.6.3beta06","v1.6.3beta07","v1.6.3beta08","v1.6.3beta09","v1.6.3beta10","v1.6.3rc01","v1.6.4","v1.6.4beta02","v1.6.4rc01","v1.6.5","v1.6.6","v1.6.7","v1.6.7beta01","v1.6.7beta02","v1.6.7beta03","v1.6.7beta04","v1.6.7rc01","v1.6.7rc02","v1.6.8","v1.6.8beta01","v1.6.8beta02","v1.6.8rc02","v1.6.9","v1.6.9beta01","v1.6.9beta02","v1.6.9beta03","v1.6.9rc01","v1.6.9rc02"],"database_specific":{"vanir_signatures_modified":"2026-04-11T17:54:13Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"19.04"}]},{"events":[{"introduced":"0"},{"last_affected":"11.2.6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7u221"}]},{"events":[{"introduced":"0"},{"last_affected":"8u212"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.3"}]},{"events":[{"introduced":"0"},{"last_affected":"12.0.1"}]},{"events":[{"introduced":"0"},{"fixed":"8.7.0-00"}]},{"events":[{"introduced":"0"},{"fixed":"8.7.0-00"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"42.3"}]},{"events":[{"introduced":"0"},{"fixed":"11.53"}]},{"events":[{"introduced":"0"},{"fixed":"3.2"}]},{"events":[{"introduced":"0"},{"fixed":"4.0"}]},{"events":[{"introduced":"0"},{"fixed":"5.1"}]},{"events":[{"introduced":"0"},{"fixed":"3.4.2"}]},{"events":[{"introduced":"0"},{"fixed":"3.4.2"}]},{"events":[{"introduced":"0"},{"last_affected":"3.4.2-p1"}]},{"events":[{"introduced":"0"},{"last_affected":"3.4.2-p1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.8"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"CVE-2019-7317-777a6825","target":{"file":"png.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["4483812120425865394765832017743841760","295930966388919334935205960237712292835","117419540564145513858588339867436813964","150157320390828655074241172061404527079","15219066793749250240221192274865703159","256432711195399036927642262353737110687"]},"source":"https://github.com/pnggroup/libpng/commit/a40189cf881e9f0db80511c382292a5604c3c3d1"},{"deprecated":false,"signature_version":"v1","id":"CVE-2019-7317-83d81dde","target":{"file":"png.c","function":"png_get_copyright"},"signature_type":"Function","digest":{"function_hash":"182119414766575611561000861233124297530","length":481},"source":"https://github.com/pnggroup/libpng/commit/a40189cf881e9f0db80511c382292a5604c3c3d1"},{"deprecated":false,"signature_version":"v1","id":"CVE-2019-7317-9bb3b070","target":{"file":"pngtest.c"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["241838778844194275048866028647484350554"]},"source":"https://github.com/pnggroup/libpng/commit/a40189cf881e9f0db80511c382292a5604c3c3d1"},{"deprecated":false,"signature_version":"v1","id":"CVE-2019-7317-d09d8970","target":{"file":"png.h"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["166375070723291529406421301066248769034","275647010778297936193963675511576832388","256826767335212246520616614652191899280","279336807821086835335477021495116274772","99841383750098798180616484435499546727","159302944862349488787630211743777147289","331742628729745467196492355602919503505","120425966103587571923372910432028590987"]},"source":"https://github.com/pnggroup/libpng/commit/a40189cf881e9f0db80511c382292a5604c3c3d1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-7317.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}