Search for packages
| purl | pkg:rpm/redhat/libpng@2:1.5.13-7?arch=el7_2 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9d14-kqac-nbbt
Aliases: CVE-2015-8472 |
Improper Restriction of Operations within the Bounds of a Memory Buffer Buffer overflow in the png_set_PLTE function in libpng allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126. | There are no reported fixed by versions. |
|
VCID-cu24-1rcd-93g3
Aliases: CVE-2015-8126 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:38:50.446414+00:00 | RedHat Importer | Affected by | VCID-9d14-kqac-nbbt | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8472.json | 38.0.0 |
| 2026-04-01T14:38:49.869173+00:00 | RedHat Importer | Affected by | VCID-cu24-1rcd-93g3 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8126.json | 38.0.0 |