png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-01-11
Page 2