Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-28162

Опубликовано: 27 янв. 2026
Источник: debian

Описание

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libpng1.6fixed1.6.47-1package
libpng1.6no-dsabookwormpackage
libpng1.6postponedbullseyepackage

Примечания

  • https://github.com/pnggroup/libpng/issues/656

  • https://github.com/pnggroup/libpng/pull/657

  • Fixed by: https://github.com/pnggroup/libpng/commit/b20e6fb31479868f1d5f5cd268d4776767016941 (v1.6.47)

Связанные уязвимости

ubuntu логотип

CVE-2025-28162

CVSS3: 5.5
ubuntu
11 дней назад

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive

nvd логотип

CVE-2025-28162

CVSS3: 5.5
nvd
11 дней назад

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive

github логотип

GHSA-h77p-hrmm-5v85

CVSS3: 5.5
github
11 дней назад

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive