VDB

GCVE-VVD-MAGEIA-2026-24

GCVE-VVD-MAGEIA-2026-24
Advisory Published
Vulnetix · Advisory published March 31, 2026
LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication. (CVE-2025-64720) LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`. (CVE-2025-65018) Improve JMX connections. (CVE-2026-21925) Improve HttpServer Request handling. (CVE-2026-21933) Enhance Certificate Checking. (CVE-2026-21945)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiazynaddsubfx0 (affected), 3.0.6-1.1.mga9 (unaffected)
Mageiajava-11-openjdk0 (affected), 11.0.30.0.7-1.mga9 (unaffected), 0 (affected), 11.0.30.0.7-1.mga9 (unaffected)
Mageiajava-17-openjdk0 (affected), 17.0.18.0.8-1.mga9 (unaffected), 0 (affected), 17.0.18.0.8-1.mga9 (unaffected)
Mageiajava-1.8.0-openjdk0 (affected), 1.8.0.482.b08-1.mga9 (unaffected), 0 (affected), 1.8.0.482.b08-1.mga9 (unaffected)
Mageiajava-latest-openjdk0 (affected), 25.0.2.0.10-1.rolling.1.mga9 (unaffected), 0 (affected), 25.0.2.0.10-1.rolling.1.mga9 (unaffected)

References

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities
advisory
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities
issue
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities
issue
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities
advisory
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities
advisory
Updated zynaddsubfx packages fix bug
advisory
Updated zynaddsubfx packages fix bug
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›