Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33416 (GCVE-0-2026-33416)
Vulnerability from cvelistv5 – Published: 2026-03-26 16:48 – Updated: 2026-04-01 03:55- CWE-416 - Use After Free
| URL | Tags |
|---|---|
| https://github.com/pnggroup/libpng/security/advis… | x_refsource_CONFIRM |
| https://github.com/pnggroup/libpng/pull/824 | x_refsource_MISC |
| https://github.com/pnggroup/libpng/commit/2301926… | x_refsource_MISC |
| https://github.com/pnggroup/libpng/commit/7ea9eea… | x_refsource_MISC |
| https://github.com/pnggroup/libpng/commit/a3a2144… | x_refsource_MISC |
| https://github.com/pnggroup/libpng/commit/c1b0318… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33416",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T03:55:17.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libpng",
"vendor": "pnggroup",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.2.1, \u003c 1.6.56"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T16:48:54.174Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j"
},
{
"name": "https://github.com/pnggroup/libpng/pull/824",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pnggroup/libpng/pull/824"
},
{
"name": "https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb"
},
{
"name": "https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667"
},
{
"name": "https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25"
},
{
"name": "https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1"
}
],
"source": {
"advisory": "GHSA-m4pc-p4q3-4c7j",
"discovery": "UNKNOWN"
},
"title": "LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33416",
"datePublished": "2026-03-26T16:48:54.174Z",
"dateReserved": "2026-03-19T17:02:34.172Z",
"dateUpdated": "2026-04-01T03:55:17.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33416",
"date": "2026-07-03",
"epss": "0.01052",
"percentile": "0.60174"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33416\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-26T17:16:38.443\",\"lastModified\":\"2026-06-17T10:37:27.583\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.\"},{\"lang\":\"es\",\"value\":\"LIBPNG es una biblioteca de referencia para su uso en aplicaciones que leen, crean y manipulan archivos de imagen r\u00e1ster PNG (Portable Network Graphics). En las versiones 1.2.1 a 1.6.55, \u0027png_set_tRNS\u0027 y \u0027png_set_PLTE\u0027 cada una aliasan un b\u00fafer asignado en el heap entre \u0027png_struct\u0027 y \u0027png_info\u0027, compartiendo una \u00fanica asignaci\u00f3n entre dos estructuras con vidas \u00fatiles independientes. El aliasing de \u0027trans_alpha\u0027 ha estado presente desde al menos libpng 1.0, y el aliasing de \u0027palette\u0027 desde al menos 1.2.1. Ambos afectan a todas las l\u00edneas de versiones anteriores: \u0027png_set_tRNS\u0027 establece \u0027png_ptr-\u0026gt;trans_alpha = info_ptr-\u0026gt;trans_alpha\u0027 (b\u00fafer de 256 bytes) y \u0027png_set_PLTE\u0027 establece \u0027info_ptr-\u0026gt;palette = png_ptr-\u0026gt;palette\u0027 (b\u00fafer de 768 bytes). En ambos casos, llamar a \u0027png_free_data\u0027 (con \u0027PNG_FREE_TRNS\u0027 o \u0027PNG_FREE_PLTE\u0027) libera el b\u00fafer a trav\u00e9s de \u0027info_ptr\u0027 mientras que el puntero \u0027png_ptr\u0027 correspondiente permanece colgante. Las funciones de transformaci\u00f3n de fila subsiguientes desreferencian y, en algunas rutas de c\u00f3digo, escriben en la memoria liberada. Una segunda llamada a \u0027png_set_tRNS\u0027 o \u0027png_set_PLTE\u0027 tiene el mismo efecto, porque ambas funciones llaman internamente a \u0027png_free_data\u0027 antes de reasignar el b\u00fafer de \u0027info_ptr\u0027. La versi\u00f3n 1.6.56 corrige el problema.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"pnggroup\",\"product\":\"libpng\",\"versions\":[{\"version\":\"\u003e= 1.2.1, \u003c 1.6.56\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-31T00:00:00+00:00\",\"id\":\"CVE-2026-33416\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.1\",\"versionEndExcluding\":\"1.6.56\",\"matchCriteriaId\":\"C54F2804-F7D5-4BC5-B39A-44300C6A6F98\"}]}]}],\"references\":[{\"url\":\"https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pnggroup/libpng/pull/824\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33416\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-26T19:49:05.196519Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-26T19:50:41.189Z\"}}], \"cna\": {\"title\": \"LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`\", \"source\": {\"advisory\": \"GHSA-m4pc-p4q3-4c7j\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"pnggroup\", \"product\": \"libpng\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.2.1, \u003c 1.6.56\"}]}], \"references\": [{\"url\": \"https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j\", \"name\": \"https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/pnggroup/libpng/pull/824\", \"name\": \"https://github.com/pnggroup/libpng/pull/824\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb\", \"name\": \"https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667\", \"name\": \"https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25\", \"name\": \"https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1\", \"name\": \"https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416: Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-26T16:48:54.174Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33416\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-01T03:55:17.603Z\", \"dateReserved\": \"2026-03-19T17:02:34.172Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-26T16:48:54.174Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:1716-1
Vulnerability from csaf_suse - Published: 2026-05-06 12:11 - Updated: 2026-05-06 12:11| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libpng12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libpng12 fixes the following issues:\n\nUpdate to version 1.2.59 (jsc#PED-16191).\n\nSecurity issues :\n\n- CVE-2017-12652: missing chunk length check can lead to sensitive information disclosure, data corruption or crash\n (bsc#1141493).\n- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code\n execution (bsc#1260754).\n- CVE-2026-34757: use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST` can lead to corrupted chunk data\n and potential heap information disclosure (bsc#1261957).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1716,SUSE-SLE-Module-Basesystem-15-SP7-2026-1716,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1716,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1716,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1716,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1716,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1716,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1716,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1716,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1716,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1716,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1716",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1716-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1716-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261716-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1716-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025887.html"
},
{
"category": "self",
"summary": "SUSE Bug 1141493",
"url": "https://bugzilla.suse.com/1141493"
},
{
"category": "self",
"summary": "SUSE Bug 1260754",
"url": "https://bugzilla.suse.com/1260754"
},
{
"category": "self",
"summary": "SUSE Bug 1261957",
"url": "https://bugzilla.suse.com/1261957"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12652 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33416 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34757 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34757/"
}
],
"title": "Security update for libpng12",
"tracking": {
"current_release_date": "2026-05-06T12:11:50Z",
"generator": {
"date": "2026-05-06T12:11:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1716-1",
"initial_release_date": "2026-05-06T12:11:50Z",
"revision_history": [
{
"date": "2026-05-06T12:11:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"product": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"product_id": "libpng12-0-1.2.59-150000.4.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.aarch64",
"product": {
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.aarch64",
"product_id": "libpng12-compat-devel-1.2.59-150000.4.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"product": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"product_id": "libpng12-devel-1.2.59-150000.4.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng12-0-64bit-1.2.59-150000.4.11.1.aarch64_ilp32",
"product": {
"name": "libpng12-0-64bit-1.2.59-150000.4.11.1.aarch64_ilp32",
"product_id": "libpng12-0-64bit-1.2.59-150000.4.11.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-64bit-1.2.59-150000.4.11.1.aarch64_ilp32",
"product": {
"name": "libpng12-compat-devel-64bit-1.2.59-150000.4.11.1.aarch64_ilp32",
"product_id": "libpng12-compat-devel-64bit-1.2.59-150000.4.11.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libpng12-devel-64bit-1.2.59-150000.4.11.1.aarch64_ilp32",
"product": {
"name": "libpng12-devel-64bit-1.2.59-150000.4.11.1.aarch64_ilp32",
"product_id": "libpng12-devel-64bit-1.2.59-150000.4.11.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng12-0-1.2.59-150000.4.11.1.i586",
"product": {
"name": "libpng12-0-1.2.59-150000.4.11.1.i586",
"product_id": "libpng12-0-1.2.59-150000.4.11.1.i586"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.i586",
"product": {
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.i586",
"product_id": "libpng12-compat-devel-1.2.59-150000.4.11.1.i586"
}
},
{
"category": "product_version",
"name": "libpng12-devel-1.2.59-150000.4.11.1.i586",
"product": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.i586",
"product_id": "libpng12-devel-1.2.59-150000.4.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"product": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"product_id": "libpng12-0-1.2.59-150000.4.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.ppc64le",
"product": {
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.ppc64le",
"product_id": "libpng12-compat-devel-1.2.59-150000.4.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"product": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"product_id": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng12-0-1.2.59-150000.4.11.1.s390x",
"product": {
"name": "libpng12-0-1.2.59-150000.4.11.1.s390x",
"product_id": "libpng12-0-1.2.59-150000.4.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.s390x",
"product": {
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.s390x",
"product_id": "libpng12-compat-devel-1.2.59-150000.4.11.1.s390x"
}
},
{
"category": "product_version",
"name": "libpng12-devel-1.2.59-150000.4.11.1.s390x",
"product": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.s390x",
"product_id": "libpng12-devel-1.2.59-150000.4.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"product": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"product_id": "libpng12-0-1.2.59-150000.4.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng12-0-32bit-1.2.59-150000.4.11.1.x86_64",
"product": {
"name": "libpng12-0-32bit-1.2.59-150000.4.11.1.x86_64",
"product_id": "libpng12-0-32bit-1.2.59-150000.4.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.x86_64",
"product": {
"name": "libpng12-compat-devel-1.2.59-150000.4.11.1.x86_64",
"product_id": "libpng12-compat-devel-1.2.59-150000.4.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng12-compat-devel-32bit-1.2.59-150000.4.11.1.x86_64",
"product": {
"name": "libpng12-compat-devel-32bit-1.2.59-150000.4.11.1.x86_64",
"product_id": "libpng12-compat-devel-32bit-1.2.59-150000.4.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"product": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"product_id": "libpng12-devel-1.2.59-150000.4.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng12-devel-32bit-1.2.59-150000.4.11.1.x86_64",
"product": {
"name": "libpng12-devel-32bit-1.2.59-150000.4.11.1.x86_64",
"product_id": "libpng12-devel-32bit-1.2.59-150000.4.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-0-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-0-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng12-devel-1.2.59-150000.4.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
},
"product_reference": "libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12652"
}
],
"notes": [
{
"category": "general",
"text": "libpng before 1.6.32 does not properly check the length of chunks against the user limit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12652",
"url": "https://www.suse.com/security/cve/CVE-2017-12652"
},
{
"category": "external",
"summary": "SUSE Bug 1141493 for CVE-2017-12652",
"url": "https://bugzilla.suse.com/1141493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T12:11:50Z",
"details": "low"
}
],
"title": "CVE-2017-12652"
},
{
"cve": "CVE-2026-33416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33416"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33416",
"url": "https://www.suse.com/security/cve/CVE-2026-33416"
},
{
"category": "external",
"summary": "SUSE Bug 1260754 for CVE-2026-33416",
"url": "https://bugzilla.suse.com/1260754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T12:11:50Z",
"details": "important"
}
],
"title": "CVE-2026-33416"
},
{
"cve": "CVE-2026-34757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34757"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter on the same png_struct/png_info pair causes the setter to read from freed memory and copy its contents into the replacement buffer. The setter frees the internal buffer before copying from the caller-supplied pointer, which now dangles. The freed region may contain stale data (producing silently corrupted chunk metadata) or data from subsequent heap allocations (leaking unrelated heap contents into the chunk struct). This vulnerability is fixed in 1.6.57.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34757",
"url": "https://www.suse.com/security/cve/CVE-2026-34757"
},
{
"category": "external",
"summary": "SUSE Bug 1261957 for CVE-2026-34757",
"url": "https://bugzilla.suse.com/1261957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libpng12-devel-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-0-1.2.59-150000.4.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libpng12-devel-1.2.59-150000.4.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T12:11:50Z",
"details": "moderate"
}
],
"title": "CVE-2026-34757"
}
]
}
SUSE-SU-2026:21000-1
Vulnerability from csaf_suse - Published: 2026-04-07 11:57 - Updated: 2026-04-07 11:57| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libpng16",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libpng16 fixes the following issues:\n\n- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code\n execution (bsc#1260754).\n- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and\n crashes (bsc#1260755).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-480",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21000-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21000-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621000-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21000-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045406.html"
},
{
"category": "self",
"summary": "SUSE Bug 1260754",
"url": "https://bugzilla.suse.com/1260754"
},
{
"category": "self",
"summary": "SUSE Bug 1260755",
"url": "https://bugzilla.suse.com/1260755"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33416 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33636 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33636/"
}
],
"title": "Security update for libpng16",
"tracking": {
"current_release_date": "2026-04-07T11:57:32Z",
"generator": {
"date": "2026-04-07T11:57:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21000-1",
"initial_release_date": "2026-04-07T11:57:32Z",
"revision_history": [
{
"date": "2026-04-07T11:57:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.aarch64",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.aarch64",
"product_id": "libpng16-16-1.6.44-160000.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"product_id": "libpng16-16-1.6.44-160000.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.s390x",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.s390x",
"product_id": "libpng16-16-1.6.44-160000.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-16-1.6.44-160000.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33416"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33416",
"url": "https://www.suse.com/security/cve/CVE-2026-33416"
},
{
"category": "external",
"summary": "SUSE Bug 1260754 for CVE-2026-33416",
"url": "https://bugzilla.suse.com/1260754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T11:57:32Z",
"details": "important"
}
],
"title": "CVE-2026-33416"
},
{
"cve": "CVE-2026-33636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33636"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng\u0027s ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33636",
"url": "https://www.suse.com/security/cve/CVE-2026-33636"
},
{
"category": "external",
"summary": "SUSE Bug 1260755 for CVE-2026-33636",
"url": "https://bugzilla.suse.com/1260755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Micro 6.2:libpng16-16-1.6.44-160000.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T11:57:32Z",
"details": "important"
}
],
"title": "CVE-2026-33636"
}
]
}
SUSE-SU-2026:21038-1
Vulnerability from csaf_suse - Published: 2026-04-09 11:10 - Updated: 2026-04-09 11:10| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libpng16",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libpng16 fixes the following issues:\n\n- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code\n execution (bsc#1260754).\n- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and\n crashes (bsc#1260755).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-479",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21038-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21038-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621038-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21038-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025302.html"
},
{
"category": "self",
"summary": "SUSE Bug 1260754",
"url": "https://bugzilla.suse.com/1260754"
},
{
"category": "self",
"summary": "SUSE Bug 1260755",
"url": "https://bugzilla.suse.com/1260755"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33416 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33636 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33636/"
}
],
"title": "Security update for libpng16",
"tracking": {
"current_release_date": "2026-04-09T11:10:09Z",
"generator": {
"date": "2026-04-09T11:10:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21038-1",
"initial_release_date": "2026-04-09T11:10:09Z",
"revision_history": [
{
"date": "2026-04-09T11:10:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"product": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"product_id": "libpng16-16-1.6.43-slfo.1.1_4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"product": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"product_id": "libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"product": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"product_id": "libpng16-16-1.6.43-slfo.1.1_4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.x86_64",
"product": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.x86_64",
"product_id": "libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64"
},
"product_reference": "libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le"
},
"product_reference": "libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x"
},
"product_reference": "libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-slfo.1.1_4.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
},
"product_reference": "libpng16-16-1.6.43-slfo.1.1_4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33416"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33416",
"url": "https://www.suse.com/security/cve/CVE-2026-33416"
},
{
"category": "external",
"summary": "SUSE Bug 1260754 for CVE-2026-33416",
"url": "https://bugzilla.suse.com/1260754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T11:10:09Z",
"details": "important"
}
],
"title": "CVE-2026-33416"
},
{
"cve": "CVE-2026-33636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33636"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng\u0027s ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33636",
"url": "https://www.suse.com/security/cve/CVE-2026-33636"
},
{
"category": "external",
"summary": "SUSE Bug 1260755 for CVE-2026-33636",
"url": "https://bugzilla.suse.com/1260755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libpng16-16-1.6.43-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T11:10:09Z",
"details": "important"
}
],
"title": "CVE-2026-33636"
}
]
}
SUSE-SU-2026:21067-1
Vulnerability from csaf_suse - Published: 2026-04-09 10:16 - Updated: 2026-04-09 10:16| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libpng16",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libpng16 fixes the following issues:\n\n- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code\n execution (bsc#1260754).\n- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and\n crashes (bsc#1260755).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-660",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21067-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21067-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621067-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21067-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045457.html"
},
{
"category": "self",
"summary": "SUSE Bug 1260754",
"url": "https://bugzilla.suse.com/1260754"
},
{
"category": "self",
"summary": "SUSE Bug 1260755",
"url": "https://bugzilla.suse.com/1260755"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33416 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33636 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33636/"
}
],
"title": "Security update for libpng16",
"tracking": {
"current_release_date": "2026-04-09T10:16:32Z",
"generator": {
"date": "2026-04-09T10:16:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21067-1",
"initial_release_date": "2026-04-09T10:16:32Z",
"revision_history": [
{
"date": "2026-04-09T10:16:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-4.1.aarch64",
"product": {
"name": "libpng16-16-1.6.43-4.1.aarch64",
"product_id": "libpng16-16-1.6.43-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-4.1.s390x",
"product": {
"name": "libpng16-16-1.6.43-4.1.s390x",
"product_id": "libpng16-16-1.6.43-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.43-4.1.x86_64",
"product": {
"name": "libpng16-16-1.6.43-4.1.x86_64",
"product_id": "libpng16-16-1.6.43-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-4.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64"
},
"product_reference": "libpng16-16-1.6.43-4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-4.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x"
},
"product_reference": "libpng16-16-1.6.43-4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.43-4.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
},
"product_reference": "libpng16-16-1.6.43-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33416"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33416",
"url": "https://www.suse.com/security/cve/CVE-2026-33416"
},
{
"category": "external",
"summary": "SUSE Bug 1260754 for CVE-2026-33416",
"url": "https://bugzilla.suse.com/1260754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T10:16:32Z",
"details": "important"
}
],
"title": "CVE-2026-33416"
},
{
"cve": "CVE-2026-33636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33636"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng\u0027s ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33636",
"url": "https://www.suse.com/security/cve/CVE-2026-33636"
},
{
"category": "external",
"summary": "SUSE Bug 1260755 for CVE-2026-33636",
"url": "https://bugzilla.suse.com/1260755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.aarch64",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.s390x",
"SUSE Linux Micro 6.0:libpng16-16-1.6.43-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T10:16:32Z",
"details": "important"
}
],
"title": "CVE-2026-33636"
}
]
}
SUSE-SU-2026:21138-1
Vulnerability from csaf_suse - Published: 2026-04-07 11:57 - Updated: 2026-04-07 11:57| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libpng16",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libpng16 fixes the following issues:\n\n- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code\n execution (bsc#1260754).\n- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and\n crashes (bsc#1260755).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-480",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21138-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21138-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621138-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21138-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025519.html"
},
{
"category": "self",
"summary": "SUSE Bug 1260754",
"url": "https://bugzilla.suse.com/1260754"
},
{
"category": "self",
"summary": "SUSE Bug 1260755",
"url": "https://bugzilla.suse.com/1260755"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33416 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33636 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33636/"
}
],
"title": "Security update for libpng16",
"tracking": {
"current_release_date": "2026-04-07T11:57:32Z",
"generator": {
"date": "2026-04-07T11:57:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21138-1",
"initial_release_date": "2026-04-07T11:57:32Z",
"revision_history": [
{
"date": "2026-04-07T11:57:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.aarch64",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.aarch64",
"product_id": "libpng16-16-1.6.44-160000.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"product": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"product_id": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpng16-devel-1.6.44-160000.6.1.aarch64",
"product": {
"name": "libpng16-devel-1.6.44-160000.6.1.aarch64",
"product_id": "libpng16-devel-1.6.44-160000.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpng16-tools-1.6.44-160000.6.1.aarch64",
"product": {
"name": "libpng16-tools-1.6.44-160000.6.1.aarch64",
"product_id": "libpng16-tools-1.6.44-160000.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"product_id": "libpng16-16-1.6.44-160000.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"product": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"product_id": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpng16-devel-1.6.44-160000.6.1.ppc64le",
"product": {
"name": "libpng16-devel-1.6.44-160000.6.1.ppc64le",
"product_id": "libpng16-devel-1.6.44-160000.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpng16-tools-1.6.44-160000.6.1.ppc64le",
"product": {
"name": "libpng16-tools-1.6.44-160000.6.1.ppc64le",
"product_id": "libpng16-tools-1.6.44-160000.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.s390x",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.s390x",
"product_id": "libpng16-16-1.6.44-160000.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"product": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"product_id": "libpng16-compat-devel-1.6.44-160000.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libpng16-devel-1.6.44-160000.6.1.s390x",
"product": {
"name": "libpng16-devel-1.6.44-160000.6.1.s390x",
"product_id": "libpng16-devel-1.6.44-160000.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libpng16-tools-1.6.44-160000.6.1.s390x",
"product": {
"name": "libpng16-tools-1.6.44-160000.6.1.s390x",
"product_id": "libpng16-tools-1.6.44-160000.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpng16-16-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-16-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-16-1.6.44-160000.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng16-devel-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-devel-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-devel-1.6.44-160000.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpng16-tools-1.6.44-160000.6.1.x86_64",
"product": {
"name": "libpng16-tools-1.6.44-160000.6.1.x86_64",
"product_id": "libpng16-tools-1.6.44-160000.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-16-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-devel-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpng16-tools-1.6.44-160000.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
},
"product_reference": "libpng16-tools-1.6.44-160000.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33416"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33416",
"url": "https://www.suse.com/security/cve/CVE-2026-33416"
},
{
"category": "external",
"summary": "SUSE Bug 1260754 for CVE-2026-33416",
"url": "https://bugzilla.suse.com/1260754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T11:57:32Z",
"details": "important"
}
],
"title": "CVE-2026-33416"
},
{
"cve": "CVE-2026-33636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33636"
}
],
"notes": [
{
"category": "general",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng\u0027s ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33636",
"url": "https://www.suse.com/security/cve/CVE-2026-33636"
},
{
"category": "external",
"summary": "SUSE Bug 1260755 for CVE-2026-33636",
"url": "https://bugzilla.suse.com/1260755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-16-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpng16-tools-1.6.44-160000.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-07T11:57:32Z",
"details": "important"
}
],
"title": "CVE-2026-33636"
}
]
}
VDE-2026-053
Vulnerability from csaf_mettlertoledogmbh - Published: 2026-05-26 10:00 - Updated: 2026-05-26 10:00LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.
The EVA Karl Fischer titrator must receive a crafted paletted PNG image during the LabX login flow.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — |
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr->trans_alpha = info_ptr->trans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr->palette = png_ptr->palette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.
The EVA Karl Fischer titrator must receive a crafted PNG image during the LabX login flow.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "high"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.",
"title": "Summary"
},
{
"category": "description",
"text": "When an EVA Karl Fischer titrator connects to a LabX server for authentication, a crafted PNG image processed during this flow could trigger the vulnerability in the underlying libpng library, potentially causing a denial of service, information disclosure, heap corruption, or code execution.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to Titration software version 2.0.2.6, which includes fixes for CVE-2026-33416 and CVE-2026-33636.",
"title": "Remediation"
},
{
"category": "legal_disclaimer",
"text": "Your use of the information on this document or materials linked from this document is at your own risk. METTLER TOLEDO makes reasonable efforts to ensure the accuracy of the information but does not grant any warranty, express or implied, including warranties of merchantability or fitness for a particular purpose. To the extent permitted by applicable law, METTLER TOLEDO excludes liability for any loss, claim, expense or damage arising from or related to the statements in this document. METTLER TOLEDO reserves the right to change or update this document at any time.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@mt.com",
"name": "Mettler-Toledo GmbH",
"namespace": "https://www.mt.com"
},
"references": [
{
"category": "external",
"summary": "Product security website of METTLER TOLEDO",
"url": "https://www.mt.com/ph/en/home/site_content/product-security.html"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for METTLER TOLEDO",
"url": "https://certvde.com/en/advisories/vendor/mettler-toledo/"
},
{
"category": "self",
"summary": "VDE-2026-053: METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities - HTML",
"url": "https://certvde.com/en/advisories/VDE-2026-053/"
},
{
"category": "self",
"summary": "VDE-2026-053: METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities - CSAF",
"url": "https://mettler-toledo.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-053.json"
}
],
"title": "METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities",
"tracking": {
"aliases": [
"VDE-2026-053"
],
"current_release_date": "2026-05-26T10:00:00.000Z",
"generator": {
"date": "2026-05-21T09:27:10.358Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.44"
}
},
"id": "VDE-2026-053",
"initial_release_date": "2026-05-26T10:00:00.000Z",
"revision_history": [
{
"date": "2026-05-26T10:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c2.0.2.6",
"product": {
"name": "Titration Software version \u003c2.0.2.6",
"product_id": "CSAFPID-51001",
"product_identification_helper": {
"cpe": "cpe:2.3:a:mettler_toledo:eva_titration:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.0.2.6",
"product": {
"name": "Titration Software version 2.0.2.6",
"product_id": "CSAFPID-52001",
"product_identification_helper": {
"cpe": "cpe:2.3:a:mettler_toledo:eva_titration:2.0.2.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Titration Software"
}
],
"category": "product_family",
"name": "Software"
},
{
"branches": [
{
"category": "product_name",
"name": "EVA V1 Volumetric Karl Fischer Titrator",
"product": {
"name": "EVA V1 Volumetric Karl Fischer Titrator",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"cpe": "cpe:2.3:h:mettler_toledo:volumetric_kf_titrator_eva_v1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "EVA V3 Volumetric Karl Fischer Titrator",
"product": {
"name": "EVA V3 Volumetric Karl Fischer Titrator",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"cpe": "cpe:2.3:h:mettler_toledo:volumetric_kf_titrator_eva_v3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "EVA C1 Coulometric Karl Fischer Titrator",
"product": {
"name": "EVA C1 Coulometric Karl Fischer Titrator",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"cpe": "cpe:2.3:h:mettler_toledo:coulometric_kf_titrator_eva_c1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "EVA C3 Coulometric Karl Fischer Titrator",
"product": {
"name": "EVA C3 Coulometric Karl Fischer Titrator",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"cpe": "cpe:2.3:h:mettler_toledo:coulometric_kf_titrator_eva_c3:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Hardware"
}
],
"category": "vendor",
"name": "METTLER TOLEDO"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"summary": "affected products"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"summary": "fixed products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version \u003c2.0.2.6 installed on EVA V1 Volumetric Karl Fischer Titrator",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:volumetric_kf_titrator_eva_v1:*:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version \u003c2.0.2.6 installed on EVA V3 Volumetric Karl Fischer Titrator",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:volumetric_kf_titrator_eva_v3:*:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version \u003c2.0.2.6 installed on EVA C1 Coulometric Karl Fischer Titrator",
"product_id": "CSAFPID-31003",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:coulometric_kf_titrator_eva_c1:*:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version \u003c2.0.2.6 installed on EVA C3 Coulometric Karl Fischer Titrator",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:coulometric_kf_titrator_eva_c3:*:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version 2.0.2.6 installed on EVA V1 Volumetric Karl Fischer Titrator",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:volumetric_kf_titrator_eva_v1:2.0.2.6:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version 2.0.2.6 installed on EVA V3 Volumetric Karl Fischer Titrator",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:volumetric_kf_titrator_eva_v3:2.0.2.6:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version 2.0.2.6 installed on EVA C1 Coulometric Karl Fischer Titrator",
"product_id": "CSAFPID-32003",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:coulometric_kf_titrator_eva_c1:2.0.2.6:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Titration Software version 2.0.2.6 installed on EVA C3 Coulometric Karl Fischer Titrator",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mettler_toledo:coulometric_kf_titrator_eva_c3:2.0.2.6:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11004"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33636",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng\u0027s ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.",
"title": "CVE Description"
},
{
"category": "description",
"text": "The EVA Karl Fischer titrator must receive a crafted paletted PNG image during the LabX login flow.",
"title": "Vulnerability Characterisation"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"recommended": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Titration software version 2.0.2.6, which includes a fix for CVE-2026-33636.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"environmentalScore": 7.6,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.6,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
}
],
"title": "LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64"
},
{
"cve": "CVE-2026-33416",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr-\u003etrans_alpha = info_ptr-\u003etrans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr-\u003epalette = png_ptr-\u003epalette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.",
"title": "CVE Description"
},
{
"category": "description",
"text": "The EVA Karl Fischer titrator must receive a crafted PNG image during the LabX login flow.",
"title": "Vulnerability Characterisation"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"recommended": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Titration software version 2.0.2.6, which includes a fix for CVE-2026-33416.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
}
],
"title": "LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`"
}
]
}
WID-SEC-W-2026-0870
Vulnerability from csaf_certbund - Published: 2026-03-25 23:00 - Updated: 2026-06-16 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9.6
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9.6
|
9.6 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libpng <1.6.56
Open Source / libpng
|
<1.6.56 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9.6
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9.6
|
9.6 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libpng <1.6.56
Open Source / libpng
|
<1.6.56 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die libpng ist die offizielle Referenzbibliothek f\u00fcr die Darstellung und Manipulation von Bildern im Portable Network Graphics (PNG) Format.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libpng ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder einen Denial of Service zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0870 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0870.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0870 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0870"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2026-03-25",
"url": "https://seclists.org/oss-sec/2026/q1/387"
},
{
"category": "external",
"summary": "libpng GitHub vom 2026-03-25",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j"
},
{
"category": "external",
"summary": "libpng GitHub vom 2026-03-25",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-WJR5-C57X-95M2"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10451-1 vom 2026-03-31",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BW7FXXY3UCNLQ5X4KG3NSGMFBE7B3G2R/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6189 vom 2026-03-31",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00098.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-C6C617FE35 vom 2026-04-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-c6c617fe35"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4521 vom 2026-04-02",
"url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00001.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-BA18A54554 vom 2026-04-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-ba18a54554"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-67C20BFB74 vom 2026-04-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-67c20bfb74"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20466-1 vom 2026-04-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3PYSKYKCP5UVHUBF6G52O6GPIKOALANG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21000-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025224.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7672 vom 2026-04-13",
"url": "https://access.redhat.com/errata/RHSA-2026:7672"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7671 vom 2026-04-13",
"url": "https://access.redhat.com/errata/RHSA-2026:7671"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21067-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025274.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21038-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025302.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3243 vom 2026-04-14",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3243.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3244 vom 2026-04-14",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3244.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:8052 vom 2026-04-14",
"url": "https://access.redhat.com/errata/RHSA-2026:8052"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1323-1 vom 2026-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025333.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1311-1 vom 2026-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025326.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1368-1 vom 2026-04-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025352.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-8459 vom 2026-04-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-8459.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1500-1 vom 2026-04-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025479.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21138-1 vom 2026-04-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025519.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9693 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9693"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9254 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9254"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9255 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9255"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11813 vom 2026-04-29",
"url": "https://access.redhat.com/errata/RHSA-2026:11813"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11805 vom 2026-04-29",
"url": "https://access.redhat.com/errata/RHSA-2026:11805"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10640-1 vom 2026-04-30",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XIE7LM4AK2R45TAYTB7NKRDWE4D3RHTT/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13342 vom 2026-05-04",
"url": "https://access.redhat.com/errata/RHSA-2026:13342"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:12264 vom 2026-04-30",
"url": "https://access.redhat.com/errata/RHSA-2026:12264"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13533 vom 2026-05-04",
"url": "https://access.redhat.com/errata/RHSA-2026:13533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13600 vom 2026-05-05",
"url": "https://access.redhat.com/errata/RHSA-2026:13600"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13582 vom 2026-05-05",
"url": "https://access.redhat.com/errata/RHSA-2026:13582"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13412 vom 2026-05-04",
"url": "https://access.redhat.com/errata/RHSA-2026:13412"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13596 vom 2026-05-05",
"url": "https://access.redhat.com/errata/RHSA-2026:13596"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13665 vom 2026-05-05",
"url": "https://access.redhat.com/errata/RHSA-2026:13665"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13683 vom 2026-05-05",
"url": "https://access.redhat.com/errata/RHSA-2026:13683"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14303 vom 2026-05-06",
"url": "https://access.redhat.com/errata/RHSA-2026:14303"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:13977 vom 2026-05-06",
"url": "https://access.redhat.com/errata/RHSA-2026:13977"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1716-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025887.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14223 vom 2026-05-06",
"url": "https://access.redhat.com/errata/RHSA-2026:14223"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1702-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025847.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8251-1 vom 2026-05-07",
"url": "https://ubuntu.com/security/notices/USN-8251-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14791 vom 2026-05-08",
"url": "https://access.redhat.com/errata/RHSA-2026:14791"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14790 vom 2026-05-07",
"url": "https://access.redhat.com/errata/RHSA-2026:14790"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-14791 vom 2026-05-08",
"url": "https://linux.oracle.com/errata/ELSA-2026-14791.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-14790 vom 2026-05-07",
"url": "https://linux.oracle.com/errata/ELSA-2026-14790.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:15889 vom 2026-05-11",
"url": "https://access.redhat.com/errata/RHSA-2026:15889"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:14791 vom 2026-05-11",
"url": "https://errata.build.resf.org/RLSA-2026:14791"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:14790 vom 2026-05-11",
"url": "https://errata.build.resf.org/RLSA-2026:14790"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:17603 vom 2026-05-14",
"url": "https://access.redhat.com/errata/RHSA-2026:17603"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:17685 vom 2026-05-14",
"url": "https://access.redhat.com/errata/RHSA-2026:17685"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:17524 vom 2026-05-14",
"url": "https://access.redhat.com/errata/RHSA-2026:17524"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:17567 vom 2026-05-14",
"url": "https://access.redhat.com/errata/RHSA-2026:17567"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:17642 vom 2026-05-14",
"url": "https://access.redhat.com/errata/RHSA-2026:17642"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:18028 vom 2026-05-18",
"url": "https://access.redhat.com/errata/RHSA-2026:18028"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-18064 vom 2026-05-18",
"url": "https://linux.oracle.com/errata/ELSA-2026-18064.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-18028 vom 2026-05-18",
"url": "https://linux.oracle.com/errata/ELSA-2026-18028.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:18064 vom 2026-05-18",
"url": "https://access.redhat.com/errata/RHSA-2026:18064"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:18028 vom 2026-05-19",
"url": "https://errata.build.resf.org/RLSA-2026:18028"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:18064 vom 2026-05-19",
"url": "https://errata.build.resf.org/RLSA-2026:18064"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-9A678A08C8 vom 2026-05-26",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-9a678a08c8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-A109A9AC2C vom 2026-05-26",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-a109a9ac2c"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-67C1138ED2 vom 2026-05-26",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-67c1138ed2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:20551 vom 2026-05-26",
"url": "https://access.redhat.com/errata/RHSA-2026:20551"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:20550 vom 2026-05-26",
"url": "https://access.redhat.com/errata/RHSA-2026:20550"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:20549 vom 2026-05-26",
"url": "https://access.redhat.com/errata/RHSA-2026:20549"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:20548 vom 2026-05-26",
"url": "https://access.redhat.com/errata/RHSA-2026:20548"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25096 vom 2026-06-10",
"url": "https://access.redhat.com/errata/RHSA-2026:25096"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-26347 vom 2026-06-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-26347.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:26348 vom 2026-06-17",
"url": "https://errata.build.resf.org/RLSA-2026:26348"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-26348 vom 2026-06-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-26348.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26347 vom 2026-06-16",
"url": "https://access.redhat.com/errata/RHSA-2026:26347"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:26347 vom 2026-06-17",
"url": "https://errata.build.resf.org/RLSA-2026:26347"
}
],
"source_lang": "en-US",
"title": "libpng: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-16T22:00:00.000+00:00",
"generator": {
"date": "2026-06-17T09:00:06.565+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0870",
"initial_release_date": "2026-03-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-16258, EUVD-2026-16269"
},
{
"date": "2026-03-31T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE und Debian aufgenommen"
},
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora und Debian aufgenommen"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-04-12T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2026-04-13T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2026-04-14T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-15T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-16T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-04-20T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-22T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-29T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von openSUSE und Red Hat aufgenommen"
},
{
"date": "2026-05-04T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu, Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-17T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-05-25T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Fedora und Red Hat aufgenommen"
},
{
"date": "2026-06-10T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Oracle Linux, Rocky Enterprise Software Foundation und Red Hat aufgenommen"
}
],
"status": "final",
"version": "27"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.6.56",
"product": {
"name": "Open Source libpng \u003c1.6.56",
"product_id": "T052179"
}
},
{
"category": "product_version",
"name": "1.6.56",
"product": {
"name": "Open Source libpng 1.6.56",
"product_id": "T052179-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libpng:libpng:1.6.56"
}
}
}
],
"category": "product_name",
"name": "libpng"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "Red Hat Enterprise Linux 9.6",
"product_id": "T054076",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9.6"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33416",
"product_status": {
"known_affected": [
"T054076",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T052179",
"T032255",
"74185"
]
},
"release_date": "2026-03-25T23:00:00.000+00:00",
"title": "CVE-2026-33416"
},
{
"cve": "CVE-2026-33636",
"product_status": {
"known_affected": [
"T054076",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T052179",
"T032255",
"74185"
]
},
"release_date": "2026-03-25T23:00:00.000+00:00",
"title": "CVE-2026-33636"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.