49 matches found
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
DEBIAN-CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
UBUNTU-CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
EUVD-2026-33419
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
CVE-2026-42500
CVE-2026-42500 affects decoding in golang.org/x/image/bmp for paletted BMP images. The issue is triggered by decoding a BMP with an out-of-range palette index, causing a panic when accessing pixels in the invalid image. Root cause: palette index validation failure during palette/pixel processing....
CVE-2026-42500
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
GO-2026-5031 Panic when reading out of bound palette index in golang.org/x/image/bmp
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper bounds checking in the decodepixel process. An attacker can trigger an out-of-bounds read by supplying a specially crafted TGA paletted image that causes integer wraparound during palette index...
CVE-2026-43996 OpenImageIO: Integer wraparound in bounds check of decode_pixel leads to out-of-bounds read in TGA paletted image decoder
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
CVE-2026-43996 OpenImageIO: Integer wraparound in bounds check of decode_pixel leads to out-of-bounds read in TGA paletted image decoder
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
CVE-2026-43996
OpenImageIO: The vulnerability is in TGAInput::decode_pixel where a bounds check uses unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4, k + palbytespp wraps, causing an out-of-bounds palette access that can trigger a SEGV. This affects releases prior to 3.0.18.0 and 3.1.13.0. Th...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...