8 matches found
Oracle Linux 10 : libpng (ELSA-2026-18064)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18064 advisory. 2:1.6.40-8.4 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161324 Tenable has extracted the preceding descriptio...
CLSA-2026-1778928586 libpng: Fix of CVE-2026-34757
CVE-2026-34757: use-after-free in pngsetPLTE, pngsettRNS, pngsethIST, pngsettext, pngsetsPLT and pngsetunknownchunks when the caller passes the pointer returned by the corresponding getter back to the setter...
SUSE-SU-2026:1601-1 Security update for libpng16
This update for libpng16 fixes the following issue: - CVE-2026-34757: information disclosure and data corruption due to use-after-free in pngsetPLTE, pngsettRNS and pngsethIST bsc1261957...
SUSE SLES15: libpng16-16 / libpng16-16-32bit / libpng16-compat-devel / etc (SUSE-SU-2026:1323-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1323-1 advisory. - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. Tenable...
SUSE-SU-2026:1311-1 Security update for libpng16
This update for libpng16 fixes the following issue: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754...
Important: libpng12
Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...
OPENSUSE-SU-2026:20466-1 Security update for libpng16
This update for libpng16 fixes the following issues: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. - CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the pngsettRNS and pngsetPLTE functions, where a heap-allocated buffer is aliased between two structures with independent lifetimes. An attacker can cause memory corruption or potentially execute arbitrary code by...