CVEs-PoC/2021/CVE-2021-4214.md

### [CVE-2021-4214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4214)
![](https://img.shields.io/static/v1?label=Product&message=libpng&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=libpng%20v1.6%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%20-%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brightgreen)

### Description

A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/poikl246/DevSecOps-2024-v2
- https://github.com/s-cube-xmu/Bug_List