Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() function in libpng was found, possibly leading to arbitrary code execution when processing untrusted input. Upstream bug: https://github.com/glennrp/libpng/issues/246 CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2018-14550 User=admin}