{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "0.5.0" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "358fc2d4dfd04229b3279f1cd021882d1bfe1268" } ], "repo": "https://github.com/dbohdan/hicolor", "type": "GIT" } ] } ], "details": "A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.", "id": "CVE-2024-41443", "modified": "2026-04-01T23:09:01.988027664Z", "published": "2024-07-30T19:15:11.300Z", "references": [ { "type": "EVIDENCE", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/stkof-w133-cp_dynamic-cute_png-603/vulDescription.assets/image-20240530223831738.png" }, { "type": "EVIDENCE", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/stkof-w133-cp_dynamic-cute_png-603/vulDescription.assets/image-20240530223921086.png" }, { "type": "EVIDENCE", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/stkof-w133-cp_dynamic-cute_png-603/vulDescription.md" }, { "type": "EVIDENCE", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/stkof-w133-cp_dynamic-cute_png-603" }, { "type": "EVIDENCE", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/stkof-w133-cp_dynamic-cute_png-603/poc" }, { "type": "EVIDENCE", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/stkof-w133-cp_dynamic-cute_png-603/poc/sample16.png" } ], "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }