25 matches found
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
DEBIAN-CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
EUVD-2026-33419
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
CVE-2026-42500 affects decoding in golang.org/x/image/bmp for paletted BMP images. The issue is triggered by decoding a BMP with an out-of-range palette index, causing a panic when accessing pixels in the invalid image. Root cause: palette index validation failure during palette/pixel processing....
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
Security update for libpng15
This update for libpng15 fixes the following issues: CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
SUSE-SU-2026:0898-1 Security update for libpng15
This update for libpng15 fixes the following issues: - CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157...
SUSE SLES12: libpng16-16 / libpng16-16-32bit / libpng16-compat-devel / etc (SUSE-SU-2025:4533-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4533-1 advisory. - CVE-2025-64720: Fixed buffer overflow in pngimagereadcomposite via incorrect palette premultiplication bsc1254159 - CVE-2025-64505: Fixed hea...
SUSE-SU-2025:4432-1 Security update for libpng12
This update for libpng12 fixes the following issues: - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157...
SUSE SLES12: libpng12-0 / libpng12-0-32bit / libpng12-compat-devel / etc (SUSE-SU-2025:4383-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4383-1 advisory. - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Tenable has extracted the preceding description...
Security update for libpng12
This update for libpng12 fixes the following issues: CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:4383-1 Security update for libpng12
This update for libpng12 fixes the following issues: - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157...
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index
...
ALPINE-CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
SUSE CVE-2012-1499
The JPEG 2000 codec jp2.c in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."...
SUSE CVE-2017-16546
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service use of uninitialized data or invalid memory allocation or possibly have unspecified other impact via a...