CVE-2025-64505

Name
CVE-2025-64505
Description
libpng is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs because indices into the palette_lookup array, taken from externally supplied image data, are not validated against the array's bounds, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access. This issue has been patched in version 1.6.51.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type     URI
MISC     https://github.com/pnggroup/libpng/commit/6a528eb5fd0dd7f6de1c39d30de0e41473431c37
MISC     https://github.com/pnggroup/libpng/pull/748
CONFIRM  https://github.com/pnggroup/libpng/security/advisories/GHSA-4952-h5wq-4m42

Match rules

CPE URI  Source package  Min version  Max version
         libpng          >= 0         < 1.6.51

Vulnerable and fixed packages

Source package  Branch     Version    Maintainer                             Status
libpng          edge-main  1.6.51-r0  Natanael Copa <ncopa@alpinelinux.org>  fixed
libpng          edge-main  1.6.49-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          edge-main  1.6.47-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          edge-main  1.6.46-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          edge-main  1.6.45-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          edge-main  1.6.44-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          edge-main  1.6.37-r0  None                                   possibly vulnerable
libpng          3.22-main  1.6.51-r0  Natanael Copa <ncopa@alpinelinux.org>  fixed
libpng          3.22-main  1.6.47-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          3.22-main  1.6.37-r0  None                                   possibly vulnerable
libpng          3.21-main  1.6.47-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          3.21-main  1.6.44-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          3.21-main  1.6.37-r0  None                                   possibly vulnerable
libpng          3.20-main  1.6.44-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          3.20-main  1.6.37-r0  None                                   possibly vulnerable
libpng          3.19-main  1.6.44-r0  Natanael Copa <ncopa@alpinelinux.org>  possibly vulnerable
libpng          3.19-main  1.6.37-r0  None                                   possibly vulnerable