CVE-2020-27818
- Source
- https://cve.org/CVERecord?id=CVE-2020-27818
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-27818.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-27818
- Downstream
- Related
- Published
- 2020-12-08T01:15:12.320Z
- Modified
- 2026-03-20T11:36:03.906234Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in the checkchunkname() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.
- References
-
- https://bodhi.fedoraproject.org/updates/FEDORA-2020-04d5e1ce26
- https://bodhi.fedoraproject.org/updates/FEDORA-2020-27b168926a
- https://bodhi.fedoraproject.org/updates/FEDORA-2020-23432b7b72
- https://bodhi.fedoraproject.org/updates/FEDORA-2020-4349e95c4f
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-339db397ad
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-6c93c61069
- https://lists.debian.org/debian-lts-announce/2022/05/msg00043.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1902011
Affected packages
Git / github.com/pnggroup/pngcheck
Affected versions
v1.*
v1.2
v1.5
v1.6
v1.7
v1.8
v1.92
v1.93
v1.94
v1.96
v1.97
v1.98
v1.99.2
v1.99.3
v2.*
v2.0.0
v2.1.0
v2.2.0
v2.3.0
v2.4.0
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "31"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "32"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "33"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "34"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-27818.json"