Search for packages
| purl | pkg:deb/debian/libpng@1.2.44-1%2Bsqueeze4 |
| Next non-vulnerable version | 1.2.50-2+deb8u3 |
| Latest non-vulnerable version | 1.2.50-2+deb8u3 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2vwq-s4y4-aaae
Aliases: CVE-2015-8126 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-52ek-nmkc-aaaf
Aliases: CVE-2015-8540 |
Out-of-bounds Read Integer underflow in the png_check_keyword function in pngwutil.c in libpng allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-canc-ytmr-aaae
Aliases: CVE-2015-8472 |
Improper Restriction of Operations within the Bounds of a Memory Buffer Buffer overflow in the png_set_PLTE function in libpng allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-t8mn-b96e-aaaj
Aliases: CVE-2015-7981 |
Exposure of Sensitive Information to an Unauthorized Actor The png_convert_to_rfc1123 function in png.c in libpng allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T10:03:18.979629+00:00 | Debian Oval Importer | Affected by | VCID-52ek-nmkc-aaaf | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:59:01.344107+00:00 | Debian Oval Importer | Affected by | VCID-2vwq-s4y4-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:51:45.477018+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:31:49.268139+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:18:36.213251+00:00 | Debian Oval Importer | Affected by | VCID-52ek-nmkc-aaaf | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:06:33.700488+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:05:17.235488+00:00 | Debian Oval Importer | Affected by | VCID-2vwq-s4y4-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T08:59:55.079230+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-20T19:23:14.760303+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | None | 36.1.3 |
| 2025-06-20T19:22:52.048670+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | None | 36.1.3 |
| 2025-06-08T03:52:27.387461+00:00 | Debian Oval Importer | Affected by | VCID-52ek-nmkc-aaaf | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:48:05.338063+00:00 | Debian Oval Importer | Affected by | VCID-2vwq-s4y4-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:40:26.183024+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:20:15.636645+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:06:25.254481+00:00 | Debian Oval Importer | Affected by | VCID-52ek-nmkc-aaaf | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:53:43.098447+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:52:21.685302+00:00 | Debian Oval Importer | Affected by | VCID-2vwq-s4y4-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:46:43.529604+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-07T13:22:05.792730+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | None | 36.1.0 |
| 2025-06-07T13:21:44.392696+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | None | 36.1.0 |
| 2025-06-03T13:21:28.897785+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | None | 36.1.2 |
| 2025-06-03T13:21:07.629587+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | None | 36.1.2 |
| 2025-04-08T02:20:19.622724+00:00 | Debian Oval Importer | Affected by | VCID-52ek-nmkc-aaaf | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:15:52.781528+00:00 | Debian Oval Importer | Affected by | VCID-2vwq-s4y4-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:08:16.025260+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T01:47:40.238221+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T01:33:38.931088+00:00 | Debian Oval Importer | Affected by | VCID-52ek-nmkc-aaaf | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:20:58.306060+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:19:36.282778+00:00 | Debian Oval Importer | Affected by | VCID-2vwq-s4y4-aaae | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:13:54.122160+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T11:57:36.344754+00:00 | Debian Oval Importer | Affected by | VCID-canc-ytmr-aaae | None | 36.0.0 |
| 2025-04-07T11:57:14.673098+00:00 | Debian Oval Importer | Affected by | VCID-t8mn-b96e-aaaj | None | 36.0.0 |