ROS-20260401-73-0016

A vulnerability in the pngdoquantize function of the pngrtran.c component of the PNG Libpng bitmap graphics library is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to confidential data and cause a denial of...

EulerOS Virtualization 2.12.0 : libpng (EulerOS-SA-2026-1494)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

SUSE-SU-2026:0898-1 Security update for libpng15

This update for libpng15 fixes the following issues: - CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157...

Security update for libpng15

This update for libpng15 fixes the following issues: CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

CLSA-2025-1766135952 libpng: Fix of CVE-2025-64505

CVE-2025-64505: fix heap buffer over-read vulnerability in pngdoquantize function by validating palettelookup array bounds...

Security update for libpng12

This update for libpng12 fixes the following issues: CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CLSA-2025-1765380269 libpng: Fix of CVE-2025-64505

CVE-2025-64505: fix heap buffer over-read vulnerability in pngdoquantize function...

Updated libpng packages fix security vulnerabilities

LIBPNG is vulnerable to a heap buffer overflow in pngdoquantize via malformed palette index. CVE-2025-64505 LIBPNG is vulnerable to a heap buffer over-read in pngwriteimage8bit with grayscale+alpha or RGB/RGBA images. CVE-2025-64506 LIBPNG is vulnerable to a buffer overflow in pngimagereadcomposi...

DEBIAN-CVE-2025-64505

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

AZL-70859 CVE-2025-64505 affecting package libpng12 1.2.57-16

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

AZL-70865 CVE-2025-64505 affecting package openjpeg2 2.3.1-12

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

CVE-2025-64505 LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

CVE-2025-64505

CVE-2025-64505 describes a heap buffer over-read in libpng’s png_do_quantize when processing PNGs with malformed palette indices, caused by improper bounds checking of palette_lookup against externally supplied image data. The vulnerability is fixed in libpng 1.6.51. Connected advisories note pac...

CVE-2025-64505 LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

CVE-2025-64505 LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the pngdoquantize function, which lacks validation of external image data. An attacker can create a PNG file containing out-of-range palette indices, leading to out-of-bounds memory access. Remediation Upgrade...