64 matches found
libpng: LIBPNG out-of-bounds read in png_image_read_composite
An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...
JLSEC-2026-6 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...
EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-1583)
According to the versions of the libpng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to...
Astra Linux – Vulnerability in libpng1.6
LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Starting from version 1.6.0 until 1.6.51, there was an out-of-bounds read vulnerability in pngimagereadcomposite when processing palette images with...
Astra Linux – Vulnerability in libpng1.6
LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.52, there was an out-of-bounds read vulnerability in libpng’s simplified API, allowing for reading of up to 10^12 bytes beyond the...
Advisory ROSA-SA-2026-3148
Software: libpng 1.6.34 OS: ROSA Virtualization 3.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv31 affected versions libpng-1.6.34-9.0.1.1.rv31 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrect...
TencentOS Server 4: libpng (TSSA-2025:0923)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0923 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
OESA-2026-1128 libpng security update
The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...
OESA-2026-1129 libpng security update
The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...
EulerOS 2.0 SP12 : libpng (EulerOS-SA-2026-1092)
According to the versions of the libpng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From...
openSUSE 16 Security Update : libpng16 (openSUSE-SU-2026:20017-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20017-1 advisory. - CVE-2025-64505: heap buffer over-read in pngdoquantize when processing PNG files malformed palette indices bsc1254157. - CVE-2025-64506: heap...
SUSE-SU-2026:20073-1 Security update for libpng16
This update for libpng16 fixes the following issues: - CVE-2025-64505: heap buffer over-read in pngdoquantize when processing PNG files malformed palette indices bsc1254157. - CVE-2025-64506: heap buffer over-read in pngwriteimage8bit when processing 8-bit input with convertto8bit enabled...
OPENSUSE-SU-2026:20017-1 Security update for libpng16
This update for libpng16 fixes the following issues: - CVE-2025-64505: heap buffer over-read in pngdoquantize when processing PNG files malformed palette indices bsc1254157. - CVE-2025-64506: heap buffer over-read in pngwriteimage8bit when processing 8-bit input with convertto8bit enabled...