AZL-70897 CVE-2025-64506 affecting package fltk 1.3.5-4

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...

AZL-70903 CVE-2025-64506 affecting package gdal 3.6.3-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...

CVE-2025-64506 LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...

CVE-2025-64506

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the pngwriteimage8bit function, which incorrectly processes 8-bit image data as 16-bit when the simplified write API is used with convertto8bit enabled. An attacker can craft a malicious 8-bit PNG image, causing i...