rpm package
suse/libpng16&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/libpng16&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34757 | Med | 5.1 | < 1.6.8-15.24.1 | 1.6.8-15.24.1 | Apr 9, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter | |
| CVE-2026-33416 | Hig | 7.5 | < 1.6.8-15.21.1 | 1.6.8-15.21.1 | Mar 26, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, | |
| CVE-2026-25646 | — | < 1.6.8-15.18.1 | 1.6.8-15.18.1 | Feb 10, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no hist | ||
| CVE-2026-22695 | — | < 1.6.8-15.15.1 | 1.6.8-15.15.1 | Jan 12, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlac | ||
| CVE-2025-66293 | — | < 1.6.8-15.12.1 | 1.6.8-15.12.1 | Dec 3, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512 | ||
| CVE-2025-65018 | — | < 1.6.8-15.9.1 | 1.6.8-15.9.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_re | ||
| CVE-2025-64720 | — | < 1.6.8-15.9.1 | 1.6.8-15.9.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images w | ||
| CVE-2025-64506 | — | < 1.6.8-15.9.1 | 1.6.8-15.9.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing | ||
| CVE-2025-64505 | — | < 1.6.8-15.9.1 | 1.6.8-15.9.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with ma |
- affected < 1.6.8-15.24.1fixed 1.6.8-15.24.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter
- affected < 1.6.8-15.21.1fixed 1.6.8-15.21.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`,
- CVE-2026-25646Feb 10, 2026affected < 1.6.8-15.18.1fixed 1.6.8-15.18.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no hist
- CVE-2026-22695Jan 12, 2026affected < 1.6.8-15.15.1fixed 1.6.8-15.15.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlac
- CVE-2025-66293Dec 3, 2025affected < 1.6.8-15.12.1fixed 1.6.8-15.12.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512
- CVE-2025-65018Nov 24, 2025affected < 1.6.8-15.9.1fixed 1.6.8-15.9.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_re
- CVE-2025-64720Nov 24, 2025affected < 1.6.8-15.9.1fixed 1.6.8-15.9.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images w
- CVE-2025-64506Nov 24, 2025affected < 1.6.8-15.9.1fixed 1.6.8-15.9.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing
- CVE-2025-64505Nov 24, 2025affected < 1.6.8-15.9.1fixed 1.6.8-15.9.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with ma