VulnerableCode Package Details - pkg:deb/debian/libpng1.6@1.6.39-2%2Bdeb12u5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/libpng1.6@1.6.39-2%2Bdeb12u5

Essentials
History (4)

purl	pkg:deb/debian/libpng1.6@1.6.39-2%2Bdeb12u5

Next non-vulnerable version	1.6.48-1+deb13u5
Latest non-vulnerable version	1.6.48-1+deb13u5
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-yusd-m9he-3kbj Aliases: CVE-2025-28164	libpng: libpng: Denial of Service via buffer overflow in png_create_read_struct() function	1.6.48-1+deb13u5 Affected by 0 other vulnerabilities.
VCID-zx6x-7hz7-zug3 Aliases: CVE-2025-28162	libpng: libpng: Denial of Service via buffer overflow in pngimage utility	1.6.48-1+deb13u5 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-5qkr-qykw-vqgt		CVE-2026-40930
VCID-u35c-rj5s-fqes	libpng: memory leak of png_info struct in pngcp.c	CVE-2019-6129

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T00:26:06.464563+00:00	Debian Importer	Fixing	VCID-u35c-rj5s-fqes	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-30T00:23:45.606643+00:00	Debian Importer	Fixing	VCID-5qkr-qykw-vqgt	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T23:31:23.169660+00:00	Debian Importer	Affected by	VCID-zx6x-7hz7-zug3	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T22:52:11.906542+00:00	Debian Importer	Affected by	VCID-yusd-m9he-3kbj	https://security-tracker.debian.org/tracker/data/json	38.6.0