CVE-2016-10087: NULL Pointer Dereference

January 30, 2017 (updated June 29, 2021)

The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

References

nvd.nist.gov/vuln/detail/CVE-2016-10087

Detect and mitigate CVE-2016-10087 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →