CVE-2025-28164

Опубликовано: 27 янв. 2026

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.

Пакет	Статус	Версия исправления	Релиз	Тип
libpng1.6	fixed	1.6.47-1		package

https://github.com/pnggroup/libpng/issues/655
https://github.com/pnggroup/libpng/pull/657
Fixed by: https://github.com/pnggroup/libpng/commit/b20e6fb31479868f1d5f5cd268d4776767016941 (v1.6.47)
No security impact, memory leak in CLI tool

EPSS

Процентиль: 2%

0.00014

Низкий

CVE-2025-28164

CVSS3: 5.5

ubuntu

12 дней назад

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.

CVE-2025-28164

CVSS3: 5.5

nvd

12 дней назад

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.

GHSA-gjxw-mrg7-952f

CVSS3: 5.5

github

12 дней назад

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function.

SUSE-SU-2026:0364-1

suse-cvrf

5 дней назад

Security update for libpng16

EPSS

Процентиль: 2%

0.00014

Низкий