281 matches found
CLSA-2026-1771840259 libpng: Fix of CVE-2026-25646
CVE-2026-25646: fix out-of-bounds read and potential heap buffer overflow in pngsetquantize caused by stale palette indices during color pruning...
CLSA-2026-1771839565 libpng: Fix of CVE-2026-25646
CVE-2026-25646: fix out-of-bounds read and potential heap buffer overflow in pngsetquantize caused by stale palette indices during color pruning...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
Important: Red Hat Security Advisory: libpng15 security update
An update for libpng15 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 9 : libpng15 (RHSA-2026:3031)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:3031 advisory. The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG Portable Network Graphics image format files...
Important: libpng15 security update
The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG Portable Network Graphics image format files. This version should be used only if you are unable to use the current version of libpng. Security Fixes: libpng: LIBPNG has a heap buffer overflow i...
libpng15 security update
1.5.30-14.1 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148404...
ALSA-2026:3031 Important: libpng15 security update
The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG Portable Network Graphics image format files. This version should be used only if you are unable to use the current version of libpng. Security Fixes: libpng: LIBPNG has a heap buffer overflow i...
SUSE SLES12 Security Update : libpng16 (SUSE-SU-2026:0583-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0583-1 advisory. - CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Tenable has extracted the preceding description block...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Fedora 43 : libpng (2026-a9ae661fa2)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a9ae661fa2 advisory. Version 1.6.54 January 12, 2026 Fixed CVE-2026-22695 medium severity: Heap buffer over-read in pngimagereaddirectscaled. Fixed CVE-2026-22801 medium...
Updated libpng packages fix security vulnerability
Heap buffer overflow in pngsetquantize when called with no histogram and a palette larger than twice the requested maximum number of colors. CVE-2026-25646...
[slackware-security] libpng
New libpng packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libpng-1.6.55-i586-1slack15.0.txz: Upgraded. Fixed a high severity security issue: Heap buffer overflow in pngsetquantize. Reported a...
SUSE CVE-2026-25646
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
AZL-77477 CVE-2026-25646 affecting package openjpeg2 2.3.1-12
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
AZL-77480 CVE-2026-25646 affecting package optipng 0.7.8-5
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
AZL-77409 CVE-2026-25646 affecting package libpng for versions less than 1.6.55-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
AZL-77463 CVE-2026-25646 affecting package libpng15 1.5.30-15
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
AZL-77460 CVE-2026-25646 affecting package libpng12 1.2.57-16
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...
AZL-77466 CVE-2026-25646 affecting package openjpeg2 2.3.1-12
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of...