CVE-2012-3425: Improper Restriction of Operations within the Bounds of a Memory Buffer
(updated )
The png_push_read_zTXt function in pngpread.c in libpng allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image.
References
Detect and mitigate CVE-2012-3425 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →