VDB

GCVE-VVD-MAGEIA-2025-314

GCVE-VVD-MAGEIA-2025-314
Advisory Published
Vulnetix · Advisory published December 1, 2025
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index. (CVE-2025-64505) LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images. (CVE-2025-64506) LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication. (CVE-2025-64720) LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`. (CVE-2025-65018)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialibpng0 (affected), 1.6.38-1.1.mga9 (unaffected)

References

Updated libpng packages fix security vulnerabilities
advisory
Updated libpng packages fix security vulnerabilities
issue
Updated libpng packages fix security vulnerabilities
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›