Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:ebuild/media-libs/libpng@1.6.21
purl pkg:ebuild/media-libs/libpng@1.6.21
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-ajs9-y6dt-5fhj Out-of-bounds Read Integer underflow in the png_check_keyword function in pngwutil.c in libpng allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. CVE-2015-8540
VCID-cu24-1rcd-93g3 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. CVE-2015-8126
VCID-yga5-gj6n-byga Exposure of Sensitive Information to an Unauthorized Actor The png_convert_to_rfc1123 function in png.c in libpng allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read. CVE-2015-7981

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:02:50.205679+00:00 Gentoo Importer Fixing VCID-ajs9-y6dt-5fhj https://security.gentoo.org/glsa/201611-08 38.0.0
2026-04-01T13:02:50.185817+00:00 Gentoo Importer Fixing VCID-cu24-1rcd-93g3 https://security.gentoo.org/glsa/201611-08 38.0.0
2026-04-01T13:02:50.164617+00:00 Gentoo Importer Fixing VCID-yga5-gj6n-byga https://security.gentoo.org/glsa/201611-08 38.0.0