284 matches found
MGASA-2025-0314 Updated libpng packages fix security vulnerabilities
LIBPNG is vulnerable to a heap buffer overflow in pngdoquantize via malformed palette index. CVE-2025-64505 LIBPNG is vulnerable to a heap buffer over-read in pngwriteimage8bit with grayscale+alpha or RGB/RGBA images. CVE-2025-64506 LIBPNG is vulnerable to a buffer overflow in pngimagereadcomposi...
OESA-2025-2763 libpng security update
The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index
...
AZL-70763 CVE-2025-64505 affecting package libpng for versions less than 1.6.51-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
ALPINE-CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70880 CVE-2025-64505 affecting package optipng 0.7.8-5
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70909 CVE-2025-64505 affecting package libpng15 1.5.30-15
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70844 CVE-2025-64505 affecting package fltk 1.3.8-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70862 CVE-2025-64505 affecting package libpng15 1.5.30-15
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70906 CVE-2025-64505 affecting package libpng12 1.2.57-16
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70969 CVE-2025-64505 affecting package libpng for versions less than 1.6.51-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
libpng 缓冲区错误漏洞
libpng is an open source PNG reference library from The PNG Development Group that enables creation, reading and writing of PNG graphic files. A buffer error vulnerability exists in libpng versions prior to 1.6.51, which stems from a heap buffer out-of-bounds read in the pngdoquantize function wh...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
png -- Multiple vulnerabilities
https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g reports: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow...
[slackware-security] libpng
New libpng packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libpng-1.6.51-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Fixed CVE-2025-64505 moderate severity: Heap buffer...
CVE-2021-37645
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...
CVE-2024-41440
A heap buffer overflow in the function pngquantize of hicolor v0.5.0 allows attackers to cause a Denial of Service DoS via a crafted PNG file...
PT-2024-29402 · Hicolor · Hicolor
Name of the Vulnerable Software and Affected Versions: hicolor version 0.5.0 Description: A heap buffer overflow in the png quantize function allows attackers to cause a Denial of Service DoS via a crafted PNG file. Recommendations: For hicolor version 0.5.0, at the moment, there is no informatio...