Django REST framework
Api Root
Vulnerability List
Vulnerability Instance
Format
json
api
admin
Vulnerability Instance
Lookup for vulnerabilities affecting packages.
Vulnerability_id
VCID-bcp5-yseg-gbgu
Summary
libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability
Aliases
0
alias
CVE-2026-34757
Fixed_packages
0
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=aarch64&distroversion=v3.23&reponame=main
1
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=armhf&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=armhf&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=armhf&distroversion=v3.23&reponame=main
2
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=armv7&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=armv7&distroversion=v3.23&reponame=main
3
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=loongarch64&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=loongarch64&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=loongarch64&distroversion=v3.23&reponame=main
4
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=ppc64le&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=ppc64le&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=ppc64le&distroversion=v3.23&reponame=main
5
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=riscv64&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=riscv64&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=riscv64&distroversion=v3.23&reponame=main
6
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=s390x&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=s390x&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=s390x&distroversion=v3.23&reponame=main
7
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=x86&distroversion=v3.23&reponame=main
8
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86_64&distroversion=v3.23&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86_64&distroversion=v3.23&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=x86_64&distroversion=v3.23&reponame=main
9
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=aarch64&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=aarch64&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=aarch64&distroversion=v3.21&reponame=main
10
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=armhf&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=armhf&distroversion=v3.21&reponame=main
11
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=armv7&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=armv7&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=armv7&distroversion=v3.21&reponame=main
12
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=loongarch64&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=loongarch64&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main
13
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=ppc64le&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=ppc64le&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=ppc64le&distroversion=v3.21&reponame=main
14
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=riscv64&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=riscv64&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=riscv64&distroversion=v3.21&reponame=main
15
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=s390x&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=s390x&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=s390x&distroversion=v3.21&reponame=main
16
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=x86&distroversion=v3.21&reponame=main
17
url
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl
pkg:apk/alpine/libpng@1.6.57-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libpng@1.6.57-r0%3Farch=x86_64&distroversion=v3.21&reponame=main
18
url
pkg:deb/debian/libpng1.6@1.6.37-3?distro=trixie
purl
pkg:deb/debian/libpng1.6@1.6.37-3?distro=trixie
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-5q66-zeyz-rfdb
1
vulnerability
VCID-5rgq-xe5s-kkfc
2
vulnerability
VCID-gk3z-6dp9-73cd
3
vulnerability
VCID-gtdx-fb61-ykbv
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpng1.6@1.6.37-3%3Fdistro=trixie
19
url
pkg:deb/debian/libpng1.6@1.6.37-3%2Bdeb11u4?distro=trixie
purl
pkg:deb/debian/libpng1.6@1.6.37-3%2Bdeb11u4?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpng1.6@1.6.37-3%252Bdeb11u4%3Fdistro=trixie
20
url
pkg:deb/debian/libpng1.6@1.6.39-2%2Bdeb12u5?distro=trixie
purl
pkg:deb/debian/libpng1.6@1.6.39-2%2Bdeb12u5?distro=trixie
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-5q66-zeyz-rfdb
1
vulnerability
VCID-gtdx-fb61-ykbv
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpng1.6@1.6.39-2%252Bdeb12u5%3Fdistro=trixie
21
url
pkg:deb/debian/libpng1.6@1.6.48-1%2Bdeb13u5?distro=trixie
purl
pkg:deb/debian/libpng1.6@1.6.48-1%2Bdeb13u5?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpng1.6@1.6.48-1%252Bdeb13u5%3Fdistro=trixie
22
url
pkg:deb/debian/libpng1.6@1.6.57-1?distro=trixie
purl
pkg:deb/debian/libpng1.6@1.6.57-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpng1.6@1.6.57-1%3Fdistro=trixie
23
url
pkg:deb/debian/libpng1.6@1.6.58-1?distro=trixie
purl
pkg:deb/debian/libpng1.6@1.6.58-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpng1.6@1.6.58-1%3Fdistro=trixie
Affected_packages
0
url
pkg:rpm/redhat/libpng-main@1.6.57-0.1?arch=hum1
purl
pkg:rpm/redhat/libpng-main@1.6.57-0.1?arch=hum1
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-bcp5-yseg-gbgu
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libpng-main@1.6.57-0.1%3Farch=hum1
References
0
reference_url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34757.json
reference_id
reference_type
scores
0
value
4.4
scoring_system
cvssv3
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34757.json
1
reference_url
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value
5.1
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133051
reference_id
1133051
reference_type
scores
url
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133051
3
reference_url
https://bugzilla.redhat.com/show_bug.cgi?id=2456918
reference_id
2456918
reference_type
scores
url
https://bugzilla.redhat.com/show_bug.cgi?id=2456918
4
reference_url
https://github.com/pnggroup/libpng/commit/398cbe3df03f4e11bb031e07f416dfdde3684e8a
reference_id
398cbe3df03f4e11bb031e07f416dfdde3684e8a
reference_type
scores
0
value
5.1
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T16:07:19Z/
url
https://github.com/pnggroup/libpng/commit/398cbe3df03f4e11bb031e07f416dfdde3684e8a
5
reference_url
https://github.com/pnggroup/libpng/commit/55d20aaa322c9274491cda82c5cd4f99b48c6bcc
reference_id
55d20aaa322c9274491cda82c5cd4f99b48c6bcc
reference_type
scores
0
value
5.1
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T16:07:19Z/
url
https://github.com/pnggroup/libpng/commit/55d20aaa322c9274491cda82c5cd4f99b48c6bcc
6
reference_url
https://github.com/pnggroup/libpng/issues/836
reference_id
836
reference_type
scores
0
value
5.1
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T16:07:19Z/
url
https://github.com/pnggroup/libpng/issues/836
7
reference_url
https://github.com/pnggroup/libpng/issues/837
reference_id
837
reference_type
scores
0
value
5.1
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T16:07:19Z/
url
https://github.com/pnggroup/libpng/issues/837
8
reference_url
https://github.com/pnggroup/libpng/security/advisories/GHSA-6fr7-g8h7-v645
reference_id
GHSA-6fr7-g8h7-v645
reference_type
scores
0
value
5.1
scoring_system
cvssv3.1
scoring_elements
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value
Track
scoring_system
ssvc
scoring_elements
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T16:07:19Z/
url
https://github.com/pnggroup/libpng/security/advisories/GHSA-6fr7-g8h7-v645
9
reference_url
https://access.redhat.com/errata/RHSA-2026:13719
reference_id
RHSA-2026:13719
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2026:13719
Weaknesses
0
cwe_id
825
name
Expired Pointer Dereference
description
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
1
cwe_id
416
name
Use After Free
description
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
Exploits
Severity_range_score
4.4 - 5.1
Exploitability
0.5
Weighted_severity
4.0
Risk_score
2.0
Resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-bcp5-yseg-gbgu
×
Create
None
×
Edit
None