The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
CVE-2013-6954
Score 6.5 from GitHub Security Advisory published 2022-05-14. NVD baseline CVSS 6.5; sources differ by 0.0.
- Lower severity and no public exploit yet
A fix is available — apply it.
- CVSS v3
- 6.5
- EG Score
- 6.5(medium)
- EPSS
- 90.7%
- KEV
- Not listed
Published
January 12, 2014
Last Modified
April 29, 2026
Advisory Details (4)
Auto-updated Apr 30, 2026'[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, ' - MARC
http://marc.info/?l=bugtraq&m=140852974709252&w=2'[security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, ' - MARC
http://marc.info/?l=bugtraq&m=140852886808946&w=2Mageia Advisory: MGASA-2014-0075 - Updated libpng and libpng12 packages fix security vulnerability
http://advisories.mageia.org/MGASA-2014-0075.htmlVendor Advisories for CVE-2013-6954(7)
These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.
- RHSA-2014:0982Red Hat Product SecurityLow
Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update
- RHSA-2014:0705Red Hat Product SecurityCritical
Red Hat Security Advisory: java-1.7.1-ibm security update
- RHSA-2014:0508Red Hat Product SecurityCritical
Red Hat Security Advisory: java-1.6.0-ibm security update
- RHSA-2014:0486Red Hat Product SecurityCritical
Red Hat Security Advisory: java-1.7.0-ibm security update
- RHSA-2014:0414Red Hat Product SecurityHigh
Red Hat Security Advisory: java-1.6.0-sun security update
- RHSA-2014:0412Red Hat Product SecurityCritical
Red Hat Security Advisory: java-1.7.0-oracle security update
- RHSA-2014:0413Red Hat Product SecurityCritical
Red Hat Security Advisory: java-1.7.0-oracle security update
Patch Availability(6)
| Vendor / Ecosystem | Fixed in / Patch | Released | Source |
|---|---|---|---|
| redhat | java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5 | 2014-07-29 | redhat |
| redhat | java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0 | 2014-06-10 | redhat |
| redhat | java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5 | 2014-05-15 | redhat |
| redhat | java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5 | 2014-05-13 | redhat |
| redhat | java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5 | 2014-04-17 | redhat |
| redhat | java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5 | 2014-04-17 | redhat |
Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.
Frequently asked(5)
What is CVE-2013-6954?
When was CVE-2013-6954 disclosed?
Is CVE-2013-6954 actively exploited?
What is the CVSS score of CVE-2013-6954?
How do I remediate CVE-2013-6954?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2013-6954
Is Your Infrastructure Affected by CVE-2013-6954?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.