Optipng

optipng

Vendor: Optipng • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-2191 4Canonical DebianOpensuse+1 more 5Debian Linux LeapOpensuse+2 more May 6, 2026 Apr 13, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.
CVE-2012-4432 1Optipng 1Optipng Apr 29, 2026 Oct 1, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction."
CVE-2008-5101 1Optipng 1Optipng Apr 23, 2026 Nov 17, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow."