📦 Libpng

CVE-2025-66293 is an out-of-bounds read vulnerability in libpng's simplified API that allows reading up to 1012 bytes beyond allocated memory when processing valid PNG images with specific characteris...

This CVE describes an out-of-bounds read vulnerability in LIBPNG library versions 1.6.0 through 1.6.50. When processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled, the library incorrectly app...

A heap buffer overflow vulnerability in libpng's simplified API allows attackers to execute arbitrary code or cause denial of service by crafting malicious 16-bit interlaced PNG files. This affects ap...

A buffer overflow vulnerability in libpng versions 1.6.43 through 1.6.46 allows local attackers to cause denial of service through memory exhaustion. The vulnerability affects applications that proces...

A buffer overflow vulnerability in libpng versions 1.6.43 through 1.6.46 allows local attackers to cause denial of service by exploiting the png_create_read_struct() function. This affects any applica...

A heap buffer over-read vulnerability in libpng's png_do_quantize function allows attackers to craft malicious PNG files that trigger out-of-bounds memory access. This affects all applications using l...

A heap buffer over-read vulnerability in libpng's png_write_image_8bit function allows reading up to 2 bytes beyond allocated memory boundaries when processing 8-bit images with convert_to_8bit enable...