CVE-2019-9423: Out-of-bounds Write
In opencv calls that use libpng, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616
References
- www.openwall.com/lists/oss-security/2019/10/25/17
- www.openwall.com/lists/oss-security/2019/10/27/1
- www.openwall.com/lists/oss-security/2019/11/07/1
- www.openwall.com/lists/oss-security/2020/12/05/1
- github.com/advisories/GHSA-8849-5h85-98qw
- nvd.nist.gov/vuln/detail/CVE-2019-9423
- source.android.com/security/bulletin/android-10
Code Behaviors & Features
Detect and mitigate CVE-2019-9423 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →