Search for packages
| purl | pkg:deb/debian/libpng1.6@1.6.28-1%2Bdeb9u1 |
| Next non-vulnerable version | 1.6.39-2+deb12u4 |
| Latest non-vulnerable version | 1.6.57-1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2xdm-ndp3-47f4
Aliases: CVE-2018-14048 |
Improper Handling of Exceptional Conditions An issue has been found in libpng It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. |
Affected by 14 other vulnerabilities. |
|
VCID-663w-wmsg-zkc5
Aliases: CVE-2018-14550 GHSA-qwwr-qc2p-6283 |
Out-of-bounds Write An issue has been found in third-party PNM decoding associated with libpng It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png. |
Affected by 14 other vulnerabilities. |
|
VCID-7923-9g38-jqc3
Aliases: CVE-2025-65018 |
Multiple vulnerabilities have been discovered in libpng, the worst of which could lead to execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-7qam-er5a-gbas
Aliases: CVE-2026-22801 |
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API |
Affected by 3 other vulnerabilities. |
|
VCID-8g2j-rqsk-zqfh
Aliases: CVE-2017-12652 |
Improper Input Validation libpng does not properly check the length of chunks against the user limit. |
Affected by 12 other vulnerabilities. |
|
VCID-dm7h-c7wt-1kbs
Aliases: CVE-2026-33416 |
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability |
Affected by 3 other vulnerabilities. |
|
VCID-fx8t-41tv-hkdu
Aliases: CVE-2019-7317 |
Use After Free png_image_free in png.c in libpng has a use-after-free because png_image_free_function is called under png_safe_execute. |
Affected by 12 other vulnerabilities. |
|
VCID-j7dk-wzkm-tfcr
Aliases: CVE-2025-66293 |
libpng: LIBPNG out-of-bounds read in png_image_read_composite |
Affected by 3 other vulnerabilities. |
|
VCID-kwag-k17x-kyaj
Aliases: CVE-2025-64505 |
Multiple vulnerabilities have been discovered in libpng, the worst of which could lead to execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-n4kj-urjq-2uav
Aliases: CVE-2025-64720 |
Multiple vulnerabilities have been discovered in libpng, the worst of which could lead to execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-p6b5-1ba6-b3f8
Aliases: CVE-2025-64506 |
Multiple vulnerabilities have been discovered in libpng, the worst of which could lead to execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-ptgq-884e-mkft
Aliases: CVE-2026-33636 |
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion |
Affected by 3 other vulnerabilities. |
|
VCID-q3qv-kycc-eqfw
Aliases: CVE-2018-13785 |
Divide By Zero In libpng, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. |
Affected by 12 other vulnerabilities. |
|
VCID-rm7f-ybuf-dyfq
Aliases: CVE-2026-22695 |
libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read |
Affected by 3 other vulnerabilities. |
|
VCID-xyhj-84d1-dqh3
Aliases: CVE-2026-25646 |
libpng: LIBPNG has a heap buffer overflow in png_set_quantize |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||