AZL-79523 CVE-2026-3713 affecting package optipng 0.7.8-5

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...

AZL-79283 CVE-2026-3381 affecting package optipng 0.7.8-5

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

AZL-77480 CVE-2026-25646 affecting package optipng 0.7.8-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...

Azure Linux 3.0 Security Update: optipng (CVE-2023-43907)

The version of optipng installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43907 advisory. - OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c...

AZL-71470 CVE-2025-66293 affecting package optipng 0.7.8-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

AZL-70880 CVE-2025-64505 affecting package optipng 0.7.8-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

AZL-70883 CVE-2025-64720 affecting package optipng 0.7.8-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALP...

AZL-70877 CVE-2025-65018 affecting package optipng 0.7.8-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function pngimagefinishread when processing...

EUVD-2008-5080

Malware in sbrugna...

EUVD-2015-7701

Malware in sbrugna...

EUVD-2016-4990

Malware in sbrugna...

EUVD-2015-7700

Malware in sbrugna...

EUVD-2012-4366

Malware in sbrugna...

EUVD-2017-1497

Malware in sbrugna...

EUVD-2017-8107

Malware in sbrugna...

EUVD-2016-3275

Malware in sbrugna...

EUVD-2016-4991

Malware in sbrugna...

EUVD-2023-48267

Malicious code in bioql PyPI...

Amazon Linux 2 : optipng, --advisory ALAS2-2025-3011 (ALAS-2025-3011)

The version of optipng installed on the remote host is prior to 0.7.7-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3011 advisory. OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. CVE-2023-43907 Tenable ha...

Low: optipng

Issue Overview: OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. CVE-2023-43907 Affected Packages: optipng Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core a...