CVE-2015-8540: Out-of-bounds Read

April 14, 2016 (updated June 29, 2021)

Integer underflow in the png_check_keyword function in pngwutil.c in libpng allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.

References

nvd.nist.gov/vuln/detail/CVE-2015-8540

Detect and mitigate CVE-2015-8540 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →