Lodev Lodepng vulnerabilities

CVE-2022-44081 [MEDIUM] CWE-125 CVE-2022-44081: Lodepng v20220717 was discovered to contain a segmentation fault via the function pngdetail. Lodepng v20220717 was discovered to contain a segmentation fault via the function pngdetail.

CVE-2019-17178 [HIGH] CWE-252 CVE-2019-17178: HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in Free HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.