rpm package
suse/libpng16&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/libpng16&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34757 | Med | 5.1 | < 1.6.43-slfo.1.1_5.1 | 1.6.43-slfo.1.1_5.1 | Apr 9, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter | |
| CVE-2026-33636 | Hig | 7.6 | < 1.6.43-slfo.1.1_4.1 | 1.6.43-slfo.1.1_4.1 | Mar 26, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. Whe | |
| CVE-2026-33416 | Hig | 7.5 | < 1.6.43-slfo.1.1_4.1 | 1.6.43-slfo.1.1_4.1 | Mar 26, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, | |
| CVE-2026-25646 | — | < 1.6.43-slfo.1.1_3.1 | 1.6.43-slfo.1.1_3.1 | Feb 10, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no hist | ||
| CVE-2025-28164 | — | < 1.6.43-slfo.1.1_3.1 | 1.6.43-slfo.1.1_3.1 | Jan 27, 2026 | Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function. | ||
| CVE-2025-28162 | — | < 1.6.43-slfo.1.1_3.1 | 1.6.43-slfo.1.1_3.1 | Jan 27, 2026 | Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unres | ||
| CVE-2026-22801 | — | < 1.6.43-slfo.1.1_3.1 | 1.6.43-slfo.1.1_3.1 | Jan 12, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image | ||
| CVE-2026-22695 | — | < 1.6.43-slfo.1.1_3.1 | 1.6.43-slfo.1.1_3.1 | Jan 12, 2026 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlac | ||
| CVE-2025-66293 | — | < 1.6.43-slfo.1.1_2.1 | 1.6.43-slfo.1.1_2.1 | Dec 3, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512 | ||
| CVE-2025-65018 | — | < 1.6.43-slfo.1.1_2.1 | 1.6.43-slfo.1.1_2.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_re | ||
| CVE-2025-64720 | — | < 1.6.43-slfo.1.1_2.1 | 1.6.43-slfo.1.1_2.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images w | ||
| CVE-2025-64506 | — | < 1.6.43-slfo.1.1_2.1 | 1.6.43-slfo.1.1_2.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing | ||
| CVE-2025-64505 | — | < 1.6.43-slfo.1.1_2.1 | 1.6.43-slfo.1.1_2.1 | Nov 24, 2025 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with ma |
- affected < 1.6.43-slfo.1.1_5.1fixed 1.6.43-slfo.1.1_5.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter
- affected < 1.6.43-slfo.1.1_4.1fixed 1.6.43-slfo.1.1_4.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. Whe
- affected < 1.6.43-slfo.1.1_4.1fixed 1.6.43-slfo.1.1_4.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`,
- CVE-2026-25646Feb 10, 2026affected < 1.6.43-slfo.1.1_3.1fixed 1.6.43-slfo.1.1_3.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no hist
- CVE-2025-28164Jan 27, 2026affected < 1.6.43-slfo.1.1_3.1fixed 1.6.43-slfo.1.1_3.1
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.
- CVE-2025-28162Jan 27, 2026affected < 1.6.43-slfo.1.1_3.1fixed 1.6.43-slfo.1.1_3.1
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unres
- CVE-2026-22801Jan 12, 2026affected < 1.6.43-slfo.1.1_3.1fixed 1.6.43-slfo.1.1_3.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image
- CVE-2026-22695Jan 12, 2026affected < 1.6.43-slfo.1.1_3.1fixed 1.6.43-slfo.1.1_3.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlac
- CVE-2025-66293Dec 3, 2025affected < 1.6.43-slfo.1.1_2.1fixed 1.6.43-slfo.1.1_2.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512
- CVE-2025-65018Nov 24, 2025affected < 1.6.43-slfo.1.1_2.1fixed 1.6.43-slfo.1.1_2.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_re
- CVE-2025-64720Nov 24, 2025affected < 1.6.43-slfo.1.1_2.1fixed 1.6.43-slfo.1.1_2.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images w
- CVE-2025-64506Nov 24, 2025affected < 1.6.43-slfo.1.1_2.1fixed 1.6.43-slfo.1.1_2.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing
- CVE-2025-64505Nov 24, 2025affected < 1.6.43-slfo.1.1_2.1fixed 1.6.43-slfo.1.1_2.1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with ma