
21 matches found

OSV
added 2026/03/08 6:16 a.m., 2 views

AZL-79523 CVE-2026-3713 affecting package optipng 0.7.8-5

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes a heap-based buffer overflow. The attack is restricted to local...

CVSS: 5.3 | AI score: 6.2 | EPSS: 0.00019
Exploits: 0 | References: 1

OSV
added 2025/11/25 12:15 a.m., 2 views

AZL-70877 CVE-2025-65018 affecting package optipng 0.7.8-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing...

CVSS: 7.1 | AI score: 6.6 | EPSS: 0.00065
Exploits: 4 | References: 1

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2015-7700

Malware in sbrugna...

CVSS: 9.3 | AI score: 8.6 | EPSS: 0.02392
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2012-4366

Malware in sbrugna...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.03636
Exploits: 1 | References: 11

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-1497

Malware in sbrugna...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00363
Exploits: 1 | References: 8

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2016-3275

Malware in sbrugna...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.01743
Exploits: 1 | References: 15

Tenable Nessus
added 2025/09/30 12:0 a.m., 1 view

Amazon Linux 2 : optipng, --advisory ALAS2-2025-3011 (ALAS-2025-3011)

The version of optipng installed on the remote host is prior to 0.7.7-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3011 advisory. OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. CVE-2023-43907 Tenable ha...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00025
Exploits: 1 | References: 4

Tenable Nessus
added 2025/06/25 12:0 a.m., 2 views

Fedora 42 : optipng (2025-6b4a9c1dd1)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6b4a9c1dd1 advisory. Update to 7.9.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.00025
Exploits: 1 | References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-3981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds...

CVSS: 9.3 | AI score: 8.3 | EPSS: 0.00953
Exploits: 1 | References: 2

OPENSUSE Linux
added 2023/12/02 12:0 a.m., 3 views

Security update for optipng (moderate)

openSUSE Security Update: Security update for optipng Announcement ID: openSUSE-SU-2023:0388-1 Rating: moderate References: 1215937 Cross-References: CVE-2023-43907 CVSS scores: CVE-2023-43907 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 ...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00025
Exploits: 1 | References: 1

OSV
added 2023/10/14 2:15 a.m., 6 views

AZL-61795 CVE-2023-45853 affecting package optipng 0.7.8-5

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.01396
Exploits: 0 | References: 1

SUSE CVE
added 2023/02/15 5:6 a.m., 1 view

SUSE CVE-2016-2191

The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.01743
Exploits: 1 | References: 3

Veracode
added 2020/12/06 3:34 a.m., 24 views

Arbitrary Code Execution

optipng is vulnerable to arbitrary code execution. A heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c allows remote attackers to execute arbitrary code on the host OS...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.00953
Exploits: 1 | References: 8 | Affected Software: 1

Veracode
added 2020/12/06 3:15 a.m., 23 views

Denial Of Service (DoS)

OptiPNG is vulnerable to denial of service. An attacker is able to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image...

CVSS: 6.5 | AI score: 2.9 | EPSS: 0.01743
Exploits: 1 | References: 11 | Affected Software: 1

Ubuntu
added 2017/11/27 5:53 p.m., 59 views

USN-3495-1: OptiPNG vulnerability

It was discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00363
Exploits: 1

CNVD
added 2017/11/17 12:0 a.m., 1 view

OptiPNG Integer Overflow Vulnerability

OptiPNG is a tool to optimize the compression of PNG images. An integer overflow vulnerability exists in the minitiff_read_info function in optipng 0.7.6. An attacker could exploit this vulnerability to remotely execute code or cause a denial of service...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00363
Exploits: 1 | References: 1

NVD
added 2016/04/20 4:59 p.m., 16 views

CVE-2015-7801

Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file...

CVSS: 9.3 | AI score: 8.8 | EPSS: 0.02392
Exploits: 1 | References: 3

OSV
added 2016/04/20 4:59 p.m., 5 views

CVE-2015-7801

Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file...

CVSS: 8.8 | AI score: 8.7
Exploits: 0 | References: 3

OSV
added 2016/04/18 12:25 p.m., 0 views

USN-2951-1 optipng vulnerabilities

Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service. CVE-2015-7801 Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote...

CVSS: 9.3 | AI score: 6.9 | EPSS: 0.02509
Exploits: 3 | References: 6

OSV
added 2016/04/13 4:59 p.m., 6 views

CVE-2016-3981

Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file...

CVSS: 7.8 | AI score: 9.1
Exploits: 0 | References: 7