Vulnerability-Lookup

CVE-2025-65018 (GCVE-0-2025-65018)

Vulnerability from cvelistv5 – Published: 2025-11-24 23:50 – Updated: 2025-11-25 19:29

Title

LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`

Summary

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.

Severity

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

SSVC

Exploitation: poc Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-787 - Out-of-bounds Write
CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

5 references

URL	Tags
https://github.com/pnggroup/libpng/security/advis…	x_refsource_CONFIRM
https://github.com/pnggroup/libpng/issues/755	x_refsource_MISC
https://github.com/pnggroup/libpng/pull/757	x_refsource_MISC
https://github.com/pnggroup/libpng/commit/16b5e38…	x_refsource_MISC
https://github.com/pnggroup/libpng/commit/218612d…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
pnggroup	libpng	Affected: >= 1.6.0, < 1.6.51

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-65018",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-25T19:29:28.950712Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-25T19:29:33.633Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/pnggroup/libpng/issues/755"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libpng",
          "vendor": "pnggroup",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.6.0, \u003c 1.6.51"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-24T23:50:18.294Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
        },
        {
          "name": "https://github.com/pnggroup/libpng/issues/755",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pnggroup/libpng/issues/755"
        },
        {
          "name": "https://github.com/pnggroup/libpng/pull/757",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pnggroup/libpng/pull/757"
        },
        {
          "name": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d"
        },
        {
          "name": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea"
        }
      ],
      "source": {
        "advisory": "GHSA-7wv6-48j4-hj3g",
        "discovery": "UNKNOWN"
      },
      "title": "LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-65018",
    "datePublished": "2025-11-24T23:50:18.294Z",
    "dateReserved": "2025-11-13T15:36:51.680Z",
    "dateUpdated": "2025-11-25T19:29:33.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-65018",
      "date": "2026-06-03",
      "epss": "0.00065",
      "percentile": "0.20475"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-65018\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-11-25T00:15:47.610\",\"lastModified\":\"2025-11-26T18:34:53.650\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.6.0\",\"versionEndExcluding\":\"1.6.51\",\"matchCriteriaId\":\"3545FEA5-4FFA-4955-BFDA-CC3602C9A894\"}]}]}],\"references\":[{\"url\":\"https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pnggroup/libpng/issues/755\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/pnggroup/libpng/pull/757\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/pnggroup/libpng/issues/755\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-65018\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-25T19:29:28.950712Z\"}}}], \"references\": [{\"url\": \"https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g\", \"tags\": [\"exploit\"]}, {\"url\": \"https://github.com/pnggroup/libpng/issues/755\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-25T19:29:24.065Z\"}}], \"cna\": {\"title\": \"LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`\", \"source\": {\"advisory\": \"GHSA-7wv6-48j4-hj3g\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"pnggroup\", \"product\": \"libpng\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.6.0, \u003c 1.6.51\"}]}], \"references\": [{\"url\": \"https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g\", \"name\": \"https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/pnggroup/libpng/issues/755\", \"name\": \"https://github.com/pnggroup/libpng/issues/755\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/pull/757\", \"name\": \"https://github.com/pnggroup/libpng/pull/757\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d\", \"name\": \"https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea\", \"name\": \"https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787: Out-of-bounds Write\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-11-24T23:50:18.294Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-65018\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-25T19:29:33.633Z\", \"dateReserved\": \"2025-11-13T15:36:51.680Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-11-24T23:50:18.294Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

MSRC_CVE-2025-65018

Vulnerability from csaf_microsoft - Published: 2025-11-02 00:00 - Updated: 2025-12-02 01:40

Summary

LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2025-65018

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 20674-17084		—
Unresolved product id: 18435-17086		—

Known affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 17084-1		—	Vendor Fix fix
Unresolved product id: 17086-5		—	Vendor Fix fix

Known not affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: 17084-4		—
Unresolved product id: 17084-6		—
Unresolved product id: 17086-2		—
Unresolved product id: 17086-3		—

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2025/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2025/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2025-65018 LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-65018.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`",
    "tracking": {
      "current_release_date": "2025-12-02T01:40:36.000Z",
      "generator": {
        "date": "2026-01-03T09:42:28.019Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2025-65018",
      "initial_release_date": "2025-11-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-11-27T01:03:43.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2025-12-02T01:40:36.000Z",
          "legacy_version": "2",
          "number": "2",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 libpng 1.6.40-1",
                "product": {
                  "name": "\u003cazl3 libpng 1.6.40-1",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 libpng 1.6.40-1",
                "product": {
                  "name": "azl3 libpng 1.6.40-1",
                  "product_id": "20674"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 libpng 1.6.39-1",
                "product": {
                  "name": "\u003ccbl2 libpng 1.6.39-1",
                  "product_id": "5"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 libpng 1.6.39-1",
                "product": {
                  "name": "cbl2 libpng 1.6.39-1",
                  "product_id": "18435"
                }
              }
            ],
            "category": "product_name",
            "name": "libpng"
          },
          {
            "category": "product_name",
            "name": "azl3 qtbase 6.6.3-4",
            "product": {
              "name": "azl3 qtbase 6.6.3-4",
              "product_id": "4"
            }
          },
          {
            "category": "product_name",
            "name": "azl3 tensorflow 2.16.1-9",
            "product": {
              "name": "azl3 tensorflow 2.16.1-9",
              "product_id": "6"
            }
          },
          {
            "category": "product_name",
            "name": "cbl2 qt5-qtbase 5.12.11-18",
            "product": {
              "name": "cbl2 qt5-qtbase 5.12.11-18",
              "product_id": "2"
            }
          },
          {
            "category": "product_name",
            "name": "cbl2 tensorflow 2.11.1-2",
            "product": {
              "name": "cbl2 tensorflow 2.11.1-2",
              "product_id": "3"
            }
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 libpng 1.6.40-1 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 libpng 1.6.40-1 as a component of Azure Linux 3.0",
          "product_id": "20674-17084"
        },
        "product_reference": "20674",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 qtbase 6.6.3-4 as a component of Azure Linux 3.0",
          "product_id": "17084-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 tensorflow 2.16.1-9 as a component of Azure Linux 3.0",
          "product_id": "17084-6"
        },
        "product_reference": "6",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 libpng 1.6.39-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-5"
        },
        "product_reference": "5",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 libpng 1.6.39-1 as a component of CBL Mariner 2.0",
          "product_id": "18435-17086"
        },
        "product_reference": "18435",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 qt5-qtbase 5.12.11-18 as a component of CBL Mariner 2.0",
          "product_id": "17086-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 tensorflow 2.11.1-2 as a component of CBL Mariner 2.0",
          "product_id": "17086-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "flags": [
        {
          "label": "component_not_present",
          "product_ids": [
            "17084-4",
            "17084-6",
            "17086-2",
            "17086-3"
          ]
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GitHub_M",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "20674-17084",
          "18435-17086"
        ],
        "known_affected": [
          "17084-1",
          "17086-5"
        ],
        "known_not_affected": [
          "17084-4",
          "17084-6",
          "17086-2",
          "17086-3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-65018 LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-65018.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-27T01:03:43.000Z",
          "details": "1.6.51-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1",
            "17086-5"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.1,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "17084-1",
            "17086-5"
          ]
        }
      ],
      "title": "LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`"
    }
  ]
}

NCSC-2026-0022

Vulnerability from csaf_ncscnl - Published: 2026-01-21 09:25 - Updated: 2026-01-21 09:25

Summary

Kwetsbaarheden verholpen in Oracle Communications producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle Communications producten.

Interpretaties: De kwetsbaarheden stellen aanvallers in staat om ongeautoriseerde toegang te krijgen tot het systeem, wat kan leiden tot gegevensmanipulatie en gedeeltelijke denial-of-service. De aanvallers kunnen deze kwetsbaarheden misbruiken via HTTP-verzoeken, wat mogelijk resulteert in een significante impact op de beschikbaarheid en integriteit van de gegevens.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-863: Incorrect Authorization

CWE-937: CWE-937

CWE-1035: CWE-1035

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-20: Improper Input Validation

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-116: Improper Encoding or Escaping of Output

CWE-121: Stack-based Buffer Overflow

CWE-122: Heap-based Buffer Overflow

CWE-123: Write-what-where Condition

CWE-125: Out-of-bounds Read

CWE-126: Buffer Over-read

CWE-201: Insertion of Sensitive Information Into Sent Data

CWE-209: Generation of Error Message Containing Sensitive Information

CWE-252: Unchecked Return Value

CWE-284: Improper Access Control

CWE-285: Improper Authorization

CWE-295: Improper Certificate Validation

CWE-297: Improper Validation of Certificate with Host Mismatch

CWE-393: Return of Wrong Status Code

CWE-400: Uncontrolled Resource Consumption

CWE-404: Improper Resource Shutdown or Release

CWE-407: Inefficient Algorithmic Complexity

CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)

CWE-415: Double Free

CWE-416: Use After Free

CWE-611: Improper Restriction of XML External Entity Reference

CWE-674: Uncontrolled Recursion

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-787: Out-of-bounds Write

CWE-789: Memory Allocation with Excessive Size Value

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVE-2024-12133

Multiple vulnerabilities across Oracle Communications products and GNU libtasn1 versions could allow unauthenticated attackers to execute partial denial of service attacks, with CVSS scores of 5.3 for affected versions.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-407 - Inefficient Algorithmic Complexity

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2024-46901

Recent vulnerabilities in Oracle Communications Unified Assurance and Apache Subversion, including denial-of-service risks and insufficient filename validation, highlight critical security concerns across multiple versions.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-116 - Improper Encoding or Escaping of Output

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-5115

Multiple vulnerabilities, including the 'MadeYouReset' attack in HTTP/2 and unauthenticated issues in Oracle products, can lead to denial of service across various platforms such as Eclipse Jetty and SAP Commerce Cloud.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-5318

Multiple vulnerabilities across MySQL Workbench, Oracle Communications Policy Management, and libssh expose sensitive data and integrity risks, with CVSS scores of 5.4 and moderate severity for certain libssh flaws.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

CWE-125 - Out-of-bounds Read

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-5987

Multiple vulnerabilities in Oracle Communications products and libssh could allow low privileged attackers to manipulate data, disclose sensitive information, or cause system disruptions.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-393 - Return of Wrong Status Code

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-8194

Recent updates for Python 3 address multiple vulnerabilities, including denial of service risks in the tarfile module and HTML parsing, affecting various versions and leading to potential infinite loops and deadlocks.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-8916

Multiple vulnerabilities have been identified across various products, including Bouncy Castle for Java, Oracle Communications, and Siebel CRM, allowing for excessive resource allocation and potential denial of service by unauthenticated attackers.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-9900

Recent vulnerabilities in Oracle Communications Policy Management and Libtiff, including a critical flaw in Libtiff allowing memory manipulation, pose significant risks to system integrity and confidentiality.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-123 - Write-what-where Condition

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-25193

Recent updates reveal critical vulnerabilities in Netty and various Oracle products, primarily leading to denial of service risks due to unsafe file handling and low privilege exploitability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-26333

Oracle Database Server and Oracle GoldenGate have Security-in-Depth issues related to Dell BSAFE Crypto-J, which cannot be exploited within their respective contexts, although error messages may expose sensitive information.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-209 - Generation of Error Message Containing Sensitive Information

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-27533

Multiple vulnerabilities across Apache ActiveMQ and Oracle products allow unauthenticated attackers to exploit denial of service (DoS) conditions through various network access methods, affecting several versions.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-789 - Memory Allocation with Excessive Size Value

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-32988

Multiple vulnerabilities have been identified in Oracle Cloud Native Session Border Controller, Oracle Communications Unified Inventory Management, and GnuTLS, allowing for denial of service and unauthorized data access or modification.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-415 - Double Free

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-32990

Recent vulnerabilities in Oracle Communications products and GnuTLS's certtool utility expose systems to denial-of-service and unauthorized data access, with CVSS scores of 8.2 for Oracle and critical heap buffer overflow issues in GnuTLS.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-41249

Multiple vulnerabilities have been identified in Oracle Financial Services and Retail products, as well as the Spring Framework, allowing unauthorized access to sensitive data and potentially leading to information disclosure.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-285 - Improper Authorization

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-46727

Recent vulnerabilities in Rack and Oracle Communications Unified Assurance allow denial of service through unbounded parameter parsing and unauthenticated HTTP requests, affecting multiple versions and leading to potential memory exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-48060

Recent vulnerabilities in Oracle Cloud Native Session Border Controller and the jq command-line JSON processor expose systems to denial of service attacks, with significant severity ratings.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-48734

Recent updates to Apache Commons BeanUtils and Oracle products address multiple vulnerabilities, including remote code execution and system compromise risks, affecting various versions and components.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-48924

Multiple vulnerabilities have been identified in Oracle WebLogic Server and Oracle Communications ASAP, both allowing unauthenticated partial denial of service, alongside an uncontrolled recursion issue in Apache Commons Lang leading to potential application crashes.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-674 - Uncontrolled Recursion

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-48976

Multiple denial-of-service vulnerabilities have been identified in Oracle Application Testing Suite, Oracle Agile PLM, Apache Commons FileUpload, and HPE IceWall Identity Manager, with CVSS scores of 7.5 for some products.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-49844

Redis versions 8.2.1 and below, along with valkey version 8.0.6, have vulnerabilities in the Lua scripting engine that can lead to remote code execution, with fixes available in newer versions.

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-54571

Recent vulnerabilities in Oracle HTTP Server and ModSecurity allow for denial of service and potential XSS attacks, affecting specific versions with significant severity scores.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-252 - Unchecked Return Value

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-55163

Recent updates to Netty and Oracle Communications products address critical vulnerabilities, including the 'MadeYouReset' attack in HTTP/2, which can lead to denial of service and resource exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-58057

Multiple vulnerabilities across various products, including the `BrotliDecoder`, Oracle Communications Cloud Native Core Policy, and HPE Telco Intelligent Assurance, can lead to denial of service (DoS) through excessive resource allocation or malformed inputs.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-58098

Recent vulnerabilities in Oracle Communications Unified Assurance and Apache HTTP Server versions prior to 2.4.66 expose systems to unauthorized access and denial of service risks, with CVSS scores indicating moderate severity.

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-59375

Multiple vulnerabilities, including a memory amplification issue in libexpat and a DoS vulnerability in Oracle Communications Network Analytics, can lead to denial-of-service attacks without enabling arbitrary code execution.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-61795

Apache Tomcat and Oracle Communications Unified Assurance have critical vulnerabilities related to Denial of Service (DoS) risks, affecting multiple versions and requiring updates to address issues like improper resource shutdown and HTTP access exploitation.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-64718

Vulnerabilities in js-yaml and Oracle Communications Unified Assurance products allow for prototype pollution and system compromise, respectively, with specific versions affected and available patches.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-65018

Recent vulnerabilities in Oracle Communications Unified Assurance and libpng affect data integrity and system availability, with specific issues including buffer overflows and unauthorized access in various versions.

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-66418

The urllib3 library had a vulnerability allowing unbounded decompression chains, leading to potential Denial of Service (DoS) attacks due to excessive CPU and memory usage, fixed in version 2.6.0.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-66516

Apache Tika has a critical XML External Entity (XXE) injection vulnerability affecting multiple modules, particularly in PDF parsing, allowing remote attackers to exploit crafted files for sensitive information disclosure or remote code execution.

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

CVE-2025-68161

Apache Log4j Core versions 2.0-beta9 to 2.25.2 lack TLS hostname verification in the Socket Appender, while Oracle's Primavera Gateway has a vulnerability allowing unauthenticated access via TLS.

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-297 - Improper Validation of Certificate with Host Mismatch

Affected products

Known affected 18 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Communications		vers:unknown/*
vers:unknown/* Oracle / Oracle Cloud Native Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications ASAP		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications BRM - Elastic Charging Engine		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Billing and Revenue Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Element Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications IP Service Activator		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Analytics Data Director		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Network Integrity		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Operations Monitor		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Order and Service Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Policy Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Pricing Design Center		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Border Controller		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Session Report Manager		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Assurance		vers:unknown/*
vers:unknown/* Oracle / Oracle Communications Unified Inventory Management		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Communications Broker		vers:unknown/*

References

32 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2026.html	external
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Oracle Communications producten.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen aanvallers in staat om ongeautoriseerde toegang te krijgen tot het systeem, wat kan leiden tot gegevensmanipulatie en gedeeltelijke denial-of-service. De aanvallers kunnen deze kwetsbaarheden misbruiken via HTTP-verzoeken, wat mogelijk resulteert in een significante impact op de beschikbaarheid en integriteit van de gegevens.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      },
      {
        "category": "general",
        "text": "CWE-937",
        "title": "CWE-937"
      },
      {
        "category": "general",
        "text": "CWE-1035",
        "title": "CWE-1035"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Improper Encoding or Escaping of Output",
        "title": "CWE-116"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Write-what-where Condition",
        "title": "CWE-123"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information Into Sent Data",
        "title": "CWE-201"
      },
      {
        "category": "general",
        "text": "Generation of Error Message Containing Sensitive Information",
        "title": "CWE-209"
      },
      {
        "category": "general",
        "text": "Unchecked Return Value",
        "title": "CWE-252"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Authorization",
        "title": "CWE-285"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Improper Validation of Certificate with Host Mismatch",
        "title": "CWE-297"
      },
      {
        "category": "general",
        "text": "Return of Wrong Status Code",
        "title": "CWE-393"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Inefficient Algorithmic Complexity",
        "title": "CWE-407"
      },
      {
        "category": "general",
        "text": "Improper Handling of Highly Compressed Data (Data Amplification)",
        "title": "CWE-409"
      },
      {
        "category": "general",
        "text": "Double Free",
        "title": "CWE-415"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Memory Allocation with Excessive Size Value",
        "title": "CWE-789"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://www.oracle.com/security-alerts/cpujan2026.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Communications producten",
    "tracking": {
      "current_release_date": "2026-01-21T09:25:39.876330Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0022",
      "initial_release_date": "2026-01-21T09:25:39.876330Z",
      "revision_history": [
        {
          "date": "2026-01-21T09:25:39.876330Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Communications"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Cloud Native Session Border Controller"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications ASAP"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications BRM - Elastic Charging Engine"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Billing and Revenue Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Element Manager"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications IP Service Activator"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-8"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Network Analytics Data Director"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-9"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Network Integrity"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-10"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Operations Monitor"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-11"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Order and Service Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-12"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Policy Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-13"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Pricing Design Center"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-14"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Session Border Controller"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-15"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Session Report Manager"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-16"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Unified Assurance"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-17"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Unified Inventory Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-18"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Enterprise Communications Broker"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-12133",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Algorithmic Complexity",
          "title": "CWE-407"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across Oracle Communications products and GNU libtasn1 versions could allow unauthenticated attackers to execute partial denial of service attacks, with CVSS scores of 5.3 for affected versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-12133 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2024-12133"
    },
    {
      "cve": "CVE-2024-46901",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Communications Unified Assurance and Apache Subversion, including denial-of-service risks and insufficient filename validation, highlight critical security concerns across multiple versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-46901 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-46901.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2024-46901"
    },
    {
      "cve": "CVE-2025-5115",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities, including the \u0027MadeYouReset\u0027 attack in HTTP/2 and unauthenticated issues in Oracle products, can lead to denial of service across various platforms such as Eclipse Jetty and SAP Commerce Cloud.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-5115 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5115.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-5115"
    },
    {
      "cve": "CVE-2025-5318",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across MySQL Workbench, Oracle Communications Policy Management, and libssh expose sensitive data and integrity risks, with CVSS scores of 5.4 and moderate severity for certain libssh flaws.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-5318 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5318.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-5318"
    },
    {
      "cve": "CVE-2025-5987",
      "cwe": {
        "id": "CWE-393",
        "name": "Return of Wrong Status Code"
      },
      "notes": [
        {
          "category": "other",
          "text": "Return of Wrong Status Code",
          "title": "CWE-393"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in Oracle Communications products and libssh could allow low privileged attackers to manipulate data, disclose sensitive information, or cause system disruptions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-5987 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5987.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-5987"
    },
    {
      "cve": "CVE-2025-8194",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        },
        {
          "category": "description",
          "text": "Recent updates for Python 3 address multiple vulnerabilities, including denial of service risks in the tarfile module and HTML parsing, affecting various versions and leading to potential infinite loops and deadlocks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-8194 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8194.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-8194"
    },
    {
      "cve": "CVE-2025-8916",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities have been identified across various products, including Bouncy Castle for Java, Oracle Communications, and Siebel CRM, allowing for excessive resource allocation and potential denial of service by unauthenticated attackers.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-8916 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8916.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-8916"
    },
    {
      "cve": "CVE-2025-9900",
      "cwe": {
        "id": "CWE-123",
        "name": "Write-what-where Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Write-what-where Condition",
          "title": "CWE-123"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Communications Policy Management and Libtiff, including a critical flaw in Libtiff allowing memory manipulation, pose significant risks to system integrity and confidentiality.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9900 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9900.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-9900"
    },
    {
      "cve": "CVE-2025-25193",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "description",
          "text": "Recent updates reveal critical vulnerabilities in Netty and various Oracle products, primarily leading to denial of service risks due to unsafe file handling and low privilege exploitability.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-25193 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-25193.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-25193"
    },
    {
      "cve": "CVE-2025-26333",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Generation of Error Message Containing Sensitive Information",
          "title": "CWE-209"
        },
        {
          "category": "description",
          "text": "Oracle Database Server and Oracle GoldenGate have Security-in-Depth issues related to Dell BSAFE Crypto-J, which cannot be exploited within their respective contexts, although error messages may expose sensitive information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-26333 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-26333.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-26333"
    },
    {
      "cve": "CVE-2025-27533",
      "cwe": {
        "id": "CWE-789",
        "name": "Memory Allocation with Excessive Size Value"
      },
      "notes": [
        {
          "category": "other",
          "text": "Memory Allocation with Excessive Size Value",
          "title": "CWE-789"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across Apache ActiveMQ and Oracle products allow unauthenticated attackers to exploit denial of service (DoS) conditions through various network access methods, affecting several versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Red",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27533 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27533.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-27533"
    },
    {
      "cve": "CVE-2025-32988",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Double Free",
          "title": "CWE-415"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities have been identified in Oracle Cloud Native Session Border Controller, Oracle Communications Unified Inventory Management, and GnuTLS, allowing for denial of service and unauthorized data access or modification.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32988 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32988.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-32988"
    },
    {
      "cve": "CVE-2025-32990",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Communications products and GnuTLS\u0027s certtool utility expose systems to denial-of-service and unauthorized data access, with CVSS scores of 8.2 for Oracle and critical heap buffer overflow issues in GnuTLS.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32990 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32990.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-32990"
    },
    {
      "cve": "CVE-2025-41249",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authorization",
          "title": "CWE-285"
        },
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities have been identified in Oracle Financial Services and Retail products, as well as the Spring Framework, allowing unauthorized access to sensitive data and potentially leading to information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-41249 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41249.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-41249"
    },
    {
      "cve": "CVE-2025-46727",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Rack and Oracle Communications Unified Assurance allow denial of service through unbounded parameter parsing and unauthenticated HTTP requests, affecting multiple versions and leading to potential memory exhaustion.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-46727 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-46727.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-46727"
    },
    {
      "cve": "CVE-2025-48060",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Cloud Native Session Border Controller and the jq command-line JSON processor expose systems to denial of service attacks, with significant severity ratings.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48060 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48060.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-48060"
    },
    {
      "cve": "CVE-2025-48734",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "description",
          "text": "Recent updates to Apache Commons BeanUtils and Oracle products address multiple vulnerabilities, including remote code execution and system compromise risks, affecting various versions and components.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48734 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48734.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-48734"
    },
    {
      "cve": "CVE-2025-48924",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities have been identified in Oracle WebLogic Server and Oracle Communications ASAP, both allowing unauthenticated partial denial of service, alongside an uncontrolled recursion issue in Apache Commons Lang leading to potential application crashes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48924 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48924.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-48924"
    },
    {
      "cve": "CVE-2025-48976",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "Multiple denial-of-service vulnerabilities have been identified in Oracle Application Testing Suite, Oracle Agile PLM, Apache Commons FileUpload, and HPE IceWall Identity Manager, with CVSS scores of 7.5 for some products.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48976 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-48976"
    },
    {
      "cve": "CVE-2025-49844",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Redis versions 8.2.1 and below, along with valkey version 8.0.6, have vulnerabilities in the Lua scripting engine that can lead to remote code execution, with fixes available in newer versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-49844 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49844.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-49844"
    },
    {
      "cve": "CVE-2025-54571",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unchecked Return Value",
          "title": "CWE-252"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle HTTP Server and ModSecurity allow for denial of service and potential XSS attacks, affecting specific versions with significant severity scores.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-54571 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54571.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-54571"
    },
    {
      "cve": "CVE-2025-55163",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Recent updates to Netty and Oracle Communications products address critical vulnerabilities, including the \u0027MadeYouReset\u0027 attack in HTTP/2, which can lead to denial of service and resource exhaustion.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-55163 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-55163"
    },
    {
      "cve": "CVE-2025-58057",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Highly Compressed Data (Data Amplification)",
          "title": "CWE-409"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across various products, including the `BrotliDecoder`, Oracle Communications Cloud Native Core Policy, and HPE Telco Intelligent Assurance, can lead to denial of service (DoS) through excessive resource allocation or malformed inputs.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58057 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58057.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-58057"
    },
    {
      "cve": "CVE-2025-58098",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information Into Sent Data",
          "title": "CWE-201"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Communications Unified Assurance and Apache HTTP Server versions prior to 2.4.66 expose systems to unauthorized access and denial of service risks, with CVSS scores indicating moderate severity.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58098 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58098.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-58098"
    },
    {
      "cve": "CVE-2025-59375",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities, including a memory amplification issue in libexpat and a DoS vulnerability in Oracle Communications Network Analytics, can lead to denial-of-service attacks without enabling arbitrary code execution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59375 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59375.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-59375"
    },
    {
      "cve": "CVE-2025-61795",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Tomcat and Oracle Communications Unified Assurance have critical vulnerabilities related to Denial of Service (DoS) risks, affecting multiple versions and requiring updates to address issues like improper resource shutdown and HTTP access exploitation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-61795 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-61795"
    },
    {
      "cve": "CVE-2025-64718",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        },
        {
          "category": "description",
          "text": "Vulnerabilities in js-yaml and Oracle Communications Unified Assurance products allow for prototype pollution and system compromise, respectively, with specific versions affected and available patches.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64718 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64718.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-64718"
    },
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Communications Unified Assurance and libpng affect data integrity and system availability, with specific issues including buffer overflows and unauthorized access in various versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-65018 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-65018.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-65018"
    },
    {
      "cve": "CVE-2025-66418",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "The urllib3 library had a vulnerability allowing unbounded decompression chains, leading to potential Denial of Service (DoS) attacks due to excessive CPU and memory usage, fixed in version 2.6.0.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66418 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66418.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-66418"
    },
    {
      "cve": "CVE-2025-66516",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Tika has a critical XML External Entity (XXE) injection vulnerability affecting multiple modules, particularly in PDF parsing, allowing remote attackers to exploit crafted files for sensitive information disclosure or remote code execution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66516 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66516.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-66516"
    },
    {
      "cve": "CVE-2025-68161",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Certificate with Host Mismatch",
          "title": "CWE-297"
        },
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Log4j Core versions 2.0-beta9 to 2.25.2 lack TLS hostname verification in the Socket Appender, while Oracle\u0027s Primavera Gateway has a vulnerability allowing unauthenticated access via TLS.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-68161 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-68161.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18"
          ]
        }
      ],
      "title": "CVE-2025-68161"
    }
  ]
}

NCSC-2026-0032

Vulnerability from csaf_ncscnl - Published: 2026-01-21 10:12 - Updated: 2026-01-21 10:12

Summary

Kwetsbaarheden verholpen in Oracle MySQL

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Oracle MySQL componenten.

Interpretaties: De kwetsbaarheden stellen hooggeprivilegieerde aanvallers in staat om de server op afstand te exploiteren, wat kan leiden tot servercrashes en Denial of Service. Dit probleem kan worden misbruikt door aanvallers met netwerktoegang, wat de noodzaak van aandacht van beveiligingsbeheerders onderstreept.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-122: Heap-based Buffer Overflow

CWE-125: Out-of-bounds Read

CWE-197: Numeric Truncation Error

CWE-787: Out-of-bounds Write

CVE-2025-6965

Critical vulnerabilities in Oracle Communications Cloud Native Core and Siebel CRM allow unauthenticated access, while SQLite versions prior to 3.50.2 face memory corruption risks and other security issues.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-197 - Numeric Truncation Error

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2025-9086

Recent updates to curl and MySQL Enterprise Backup address critical vulnerabilities, including cookie path issues and denial of service risks in various software versions.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2025-9230

Multiple vulnerabilities related to out-of-bounds read and write issues in OpenSSL affect various products, with moderate severity assessments and low likelihood of successful exploitation.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2025-65018

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21929

A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows low-privileged attackers to potentially cause a denial of service by crashing the server, with a CVSS score of 5.3 indicating availability impacts.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21936

A vulnerability in Oracle MySQL's InnoDB component affects specific versions, allowing high-privileged attackers to crash the MySQL Server, with a CVSS score of 4.9 indicating availability impacts.

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21937

A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows high-privileged attackers to cause denial of service via network access, with a CVSS score of 4.9.

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21941

A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows high-privileged attackers to remotely exploit it, potentially causing denial of service with a CVSS score of 4.9.

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21948

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21949

A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows low-privileged attackers to cause denial of service, leading to server crashes, with a CVSS score of 6.5 indicating significant availability impacts.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21950

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21952

A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows high-privileged attackers to cause denial of service, leading to server crashes, with a CVSS 3.1 Base Score of 4.9.

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21964

A vulnerability in Oracle MySQL's Server: Thread Pooling component affects specific versions, allowing high-privileged attackers to remotely exploit it, potentially leading to denial of service with a CVSS score of 4.9.

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21965

A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows high-privileged attackers with network access to potentially cause a partial denial of service, rated with a CVSS 3.1 Base Score of 2.7.

2.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

CVE-2026-21968

A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows low-privileged attackers to cause denial of service via network access, with a CVSS score of 6.5.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 6 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / MySQL		vers:unknown/*
vers:unknown/* Oracle / MySQL Cluster		vers:unknown/*
vers:unknown/* Oracle / MySQL Connectors		vers:unknown/*
vers:unknown/* Oracle / MySQL Enterprise Backup		vers:unknown/*
vers:unknown/* Oracle / MySQL Server		vers:unknown/*
vers:unknown/* Oracle / MySQL Workbench		vers:unknown/*

References

16 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2026.html	external
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Oracle MySQL componenten.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen hooggeprivilegieerde aanvallers in staat om de server op afstand te exploiteren, wat kan leiden tot servercrashes en Denial of Service. Dit probleem kan worden misbruikt door aanvallers met netwerktoegang, wat de noodzaak van aandacht van beveiligingsbeheerders onderstreept.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Numeric Truncation Error",
        "title": "CWE-197"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://www.oracle.com/security-alerts/cpujan2026.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle MySQL",
    "tracking": {
      "current_release_date": "2026-01-21T10:12:24.844869Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0032",
      "initial_release_date": "2026-01-21T10:12:24.844869Z",
      "revision_history": [
        {
          "date": "2026-01-21T10:12:24.844869Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "MySQL"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "MySQL Cluster"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "MySQL Connectors"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "MySQL Enterprise Backup"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "MySQL Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "MySQL Workbench"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-6965",
      "cwe": {
        "id": "CWE-197",
        "name": "Numeric Truncation Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Numeric Truncation Error",
          "title": "CWE-197"
        },
        {
          "category": "description",
          "text": "Critical vulnerabilities in Oracle Communications Cloud Native Core and Siebel CRM allow unauthenticated access, while SQLite versions prior to 3.50.2 face memory corruption risks and other security issues.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-6965 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2025-6965"
    },
    {
      "cve": "CVE-2025-9086",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Recent updates to curl and MySQL Enterprise Backup address critical vulnerabilities, including cookie path issues and denial of service risks in various software versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9086 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9086.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2025-9086"
    },
    {
      "cve": "CVE-2025-9230",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities related to out-of-bounds read and write issues in OpenSSL affect various products, with moderate severity assessments and low likelihood of successful exploitation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9230 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9230.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2025-9230"
    },
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in Oracle Communications Unified Assurance and libpng affect data integrity and system availability, with specific issues including buffer overflows and unauthorized access in various versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-65018 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-65018.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2025-65018"
    },
    {
      "cve": "CVE-2026-21929",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows low-privileged attackers to potentially cause a denial of service by crashing the server, with a CVSS score of 5.3 indicating availability impacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21929 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21929.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21929"
    },
    {
      "cve": "CVE-2026-21936",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL\u0027s InnoDB component affects specific versions, allowing high-privileged attackers to crash the MySQL Server, with a CVSS score of 4.9 indicating availability impacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21936 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21936.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21936"
    },
    {
      "cve": "CVE-2026-21937",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows high-privileged attackers to cause denial of service via network access, with a CVSS score of 4.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21937 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21937.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21937"
    },
    {
      "cve": "CVE-2026-21941",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows high-privileged attackers to remotely exploit it, potentially causing denial of service with a CVSS score of 4.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21941 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21941.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21941"
    },
    {
      "cve": "CVE-2026-21948",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows high-privileged attackers to remotely exploit it, potentially causing denial of service with a CVSS score of 4.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21948 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21948.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21948"
    },
    {
      "cve": "CVE-2026-21949",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows low-privileged attackers to cause denial of service, leading to server crashes, with a CVSS score of 6.5 indicating significant availability impacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21949 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21949.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21949"
    },
    {
      "cve": "CVE-2026-21950",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows low-privileged attackers to cause denial of service, leading to server crashes, with a CVSS score of 6.5 indicating significant availability impacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21950 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21950.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21950"
    },
    {
      "cve": "CVE-2026-21952",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows high-privileged attackers to cause denial of service, leading to server crashes, with a CVSS 3.1 Base Score of 4.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21952 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21952.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21952"
    },
    {
      "cve": "CVE-2026-21964",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL\u0027s Server: Thread Pooling component affects specific versions, allowing high-privileged attackers to remotely exploit it, potentially leading to denial of service with a CVSS score of 4.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21964 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21964.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21964"
    },
    {
      "cve": "CVE-2026-21965",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server (versions 9.0.0-9.5.0) allows high-privileged attackers with network access to potentially cause a partial denial of service, rated with a CVSS 3.1 Base Score of 2.7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21965 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21965.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21965"
    },
    {
      "cve": "CVE-2026-21968",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle MySQL Server versions 8.0.0-8.0.44, 8.4.0-8.4.7, and 9.0.0-9.5.0 allows low-privileged attackers to cause denial of service via network access, with a CVSS score of 6.5.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21968 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21968.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6"
          ]
        }
      ],
      "title": "CVE-2026-21968"
    }
  ]
}

NCSC-2026-0173

Vulnerability from csaf_ncscnl - Published: 2026-06-02 08:00 - Updated: 2026-06-02 08:00

Summary

Kwetsbaarheden verholpen in Google Android en Samsung Mobile

Notes

Feiten: Google heeft kwetsbaarheden verholpen in Android. Samsung heeft de voor Samsung mobile devices relevante kwetsbaarheden verholpen in Samsung Mobile.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, zichzelf verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of willekeurige code uit te voeren. Onder de verholpen kwetsbaarheden zit een aantal kwetsbaarheden die door Google worden gemarkeerd als 'Critical'. Google heeft verder, zoals gebruikelijk, weinig detailinformatie beschikbaar gesteld.

Oplossingen: Google heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Android 12,13 en 14. Samsung heeft updates uitgebracht om de voor Samsung relevante kwetsbaarheden te verhelpen in Samsung Mobile devices. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-20: Improper Input Validation

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-121: Stack-based Buffer Overflow

CWE-122: Heap-based Buffer Overflow

CWE-125: Out-of-bounds Read

CWE-126: Buffer Over-read

CWE-129: Improper Validation of Array Index

CWE-190: Integer Overflow or Wraparound

CWE-269: Improper Privilege Management

CWE-400: Uncontrolled Resource Consumption

CWE-416: Use After Free

CWE-476: NULL Pointer Dereference

CWE-617: Reachable Assertion

CWE-693: Protection Mechanism Failure

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-787: Out-of-bounds Write

CWE-1021: Improper Restriction of Rendered UI Layers or Frames

CWE-1286: Improper Validation of Syntactic Correctness of Input

CVE-2025-22424

Improper input validation in multiple locations can allow users to access images across accounts, potentially leading to local privilege escalation without additional execution privileges, requiring user interaction for exploitation.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-22426

A logic error in ComputerEngine.java permits unauthorized access to user URIs, enabling local privilege escalation without additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-32348

A missing permission check in multiple locations allows background activity launches, potentially enabling local privilege escalation without user interaction or additional execution privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-47384

A transient denial of service (DoS) condition arises when the MAC is configured with a configuration ID exceeding its supported maximum value, causing temporary service disruption.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-617 - Reachable Assertion

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-47392

Memory corruption occurs during the decoding of corrupted satellite data files containing invalid signature offsets, potentially leading to system instability or exploitation.

8.8 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-47400

A cryptographic vulnerability occurs when data is copied to a destination buffer without verifying the buffer's size, potentially causing security issues such as buffer overflows.

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-47401

A transient denial of service vulnerability occurs during the processing of target power rate tables in channel configuration, potentially disrupting normal device operation.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-47403

A transient denial-of-service condition may occur during wireless roaming when a malformed Fast Transition response frame with an invalid header structure is processed.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-48570

PipTaskOrganizer.java contains multiple confused deputy vulnerabilities enabling background activity launches that may lead to local privilege escalation without user interaction or additional execution privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-48595

An integer overflow vulnerability present in multiple locations can enable local privilege escalation without requiring additional execution privileges or user interaction.

8.4 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-48615

A resource exhaustion issue in getComponentName of MediaButtonReceiverHolder.java may cause desynchronization in persistence, enabling local privilege escalation without user interaction or additional privileges.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-48649

A permissions bypass vulnerability in multiple locations allows resetting user-selected permissions, potentially enabling local privilege escalation without additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-48652

A logic error in the performPreInstallChecks function of InstallRepository.kt enables bypassing MDM policy, allowing local privilege escalation without additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-59604

Memory corruption arises during a memory copy operation due to invalid writes triggered by a null pointer dereference, leading to potential instability or exploitation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-59605

Memory corruption vulnerabilities arise from processing device identifier strings that exceed their expected maximum length, potentially leading to unstable system behavior or exploitation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-59606

Memory corruption occurs due to heap memory exhaustion during secure data initialization, leading to writes in invalid memory locations.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-64505

Multiple vulnerabilities in libpng, including heap buffer over-reads and overflows in functions like png_do_quantize and png_image_read_composite, affect various products such as MySQL Workbench, NetApp, Oracle Hyperion, and Apple Software, potentially causing data disclosure, denial of service, or application crashes.

6.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-64720

Libpng versions prior to 1.6.51 contain multiple memory handling vulnerabilities including out-of-bounds reads and buffer overflows in functions like png_image_read_composite, png_do_quantize, and png_combine_row, affecting various products such as MySQL Workbench and NetApp devices.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2025-65018

Multiple heap buffer overflow and out-of-bounds read vulnerabilities exist in libpng versions 1.6.0 to before 1.6.51, affecting functions like png_image_finish_read and png_combine_row, impacting products from Oracle, NetApp, and others.

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0009

A logic error in the code enables tapjacking vulnerabilities at multiple points, allowing local privilege escalation without requiring additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0016

A permissions bypass vulnerability in CredentialManagerService.java's updateProvidersWhenServiceRemoved function allows overriding settings across users, potentially leading to local information disclosure without extra privileges or user interaction.

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0018

AccessibilityManagerService.java contains multiple functions with inadequate input validation, leading to a persistent local denial of service without requiring user interaction or elevated privileges.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0036

A tapjacking vulnerability in the startAnimation method of StageCoordinator.java enables local privilege escalation without requiring user interaction or additional execution privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0039

A remote denial of service vulnerability caused by an integer overflow exists in multiple functions of ubsan_throwing_runtime.cpp, exploitable without user interaction or elevated privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0040

An integer overflow vulnerability in multiple functions of ubsan_throwing_runtime.cpp can cause a crash, resulting in remote denial of service without user interaction or elevated privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0041

A potential integer overflow in multiple functions of ubsan_throwing_runtime.cpp can cause a UBSan failure, resulting in a remote denial of service without user interaction or elevated privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0042

A vulnerability in ubsan_throwing_runtime.cpp functions can lead to a persistent local denial of service via resource exhaustion without requiring user interaction or elevated privileges.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0043

A vulnerability in ubsan_throwing_runtime.cpp involving integer overflow can lead to persistent denial of service and local privilege escalation without requiring user interaction or elevated privileges.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0044

A vulnerability in ubsan_throwing_runtime.cpp involving an integer overflow can cause a system crash, potentially enabling remote denial of service without user interaction or additional privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0046

A vulnerability in InputInterceptor of Letterbox.java enables a tapjacking/overlay attack that can trick users into granting permissions, potentially causing local privilege escalation without user interaction or extra execution privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0048

A vulnerability in WindowState.java enables a tapjacking or overlay attack that can deceive users into granting permissions, potentially resulting in local privilege escalation without additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0051

A vulnerability in multiple functions of ubsan_throwing_runtime.cpp allows remote denial of service via improper input validation, exploitable without user interaction or additional privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0052

An integer overflow vulnerability in multiple functions of ubsan_throwing_runtime.cpp can cause a crash, resulting in remote denial of service without user interaction or elevated privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0055

A path traversal vulnerability in PackageInstallerService.java's createSessionInternal method allows local privilege escalation by enabling updates to a Device Policy Controller in unauthorized directories without user interaction or extra privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0056

A vulnerability in ResourceTypes.cpp's setTo function may lead to an out-of-bounds read, potentially causing local information disclosure without user interaction or elevated privileges.

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0059

A heap buffer overflow vulnerability in multiple functions of sdp_discovery.cc could enable remote code execution without requiring additional privileges or user interaction.

8.0 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0061

WindowState.java contains multiple functions vulnerable to tapjacking and overlay attacks that can deceive users into granting permissions, enabling local privilege escalation without additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0069

A vulnerability in the verifySignature function of ApkChecksums.java can cause resource exhaustion leading to a crash and local denial of service without user interaction or elevated privileges.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0070

A vulnerability in DevicePolicyManagerService.java allows hiding a critical system package via improper input validation, enabling a local denial of service without user interaction or additional privileges.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0076

An out-of-bounds read vulnerability in the validateNode function of ResourceTypes.cpp due to improper bounds checking may enable local privilege escalation without additional execution privileges or user interaction.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0077

A logic error in resumeConfigurationDispatch within ActivityRecord.java can trigger background application launches, enabling local privilege escalation without user interaction or elevated execution privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0078

A vulnerability in DevicePolicyManagerService.java's setGlobalProxy method allows local privilege escalation without user interaction due to improper input validation causing persistence desynchronization.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0080

An integer overflow vulnerability in multiple functions of ubsan_throwing_runtime.cpp can cause a crash, resulting in remote denial of service without user interaction or elevated privileges.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0087

A logic error in DomainVerificationService.java's approvalLevelForDomainInternal function enables hijacking of arbitrary app links, leading to local privilege escalation without user interaction or extra execution privileges.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0089

A missing permission check in multiple functions of PackageInstallerService.java enables installation of unverified applications, potentially causing local privilege escalation without user interaction or additional execution privileges.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0091

An over-privileged shell user in the launcher process enables code execution that results in local privilege escalation without requiring user interaction or additional execution privileges.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0097

A logic error in multiple locations allows bypassing user interaction during LE device pairing, enabling remote privilege escalation without requiring additional execution privileges.

8.0 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-0100

A heap buffer overflow vulnerability in LoadedArsc.cpp can lead to an out-of-bounds write, enabling local privilege escalation without user interaction or additional execution privileges.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21017

A vulnerability in SecTelephonyProvider before SMR Jun-2026 Release 1 allows local attackers to access privileged files due to improper privilege handling.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21025

A vulnerability in Telephony before SMR Jun-2026 Release 1 allows local attackers to access sensitive information due to incorrect privilege assignment, posing a significant security risk.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21026

A vulnerability in SpriteWallpaper before SMR Jun-2026 Release 1 allows local attackers to access sensitive information due to improper export of Android application components.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21027

An improper export vulnerability in Android's ImsSettings component before SMR June 2026 Release 1 allows local attackers to trigger the logging function.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21028

An improper access control vulnerability in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21029

A vulnerability in Galaxy Editing Service before SMR Jun-2026 Release 1 allows local attackers to perform privileged operations by exploiting improper export of Android application components.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21030

An improper access control vulnerability in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to execute privileged functions, posing a significant security risk.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21031

An improper authorization vulnerability in AppBlock before SMR Jun-2026 Release 1 allows a local attacker to launch arbitrary activities, requiring user interaction to exploit.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21352

DNG SDK versions 1.7.1 2410 and earlier have an out-of-bounds write vulnerability that may allow arbitrary code execution when processing malicious files.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21353

DNG SDK versions 1.7.1 2410 and earlier contain an Integer Overflow vulnerability that allows arbitrary code execution when a malicious file is opened.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21367

A transient denial of service vulnerability arises from processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial network scans, potentially disrupting normal device operations.

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21372

Memory corruption vulnerabilities arise from sending IOCTL requests with invalid buffer sizes during memcpy operations, potentially leading to unstable system behavior or exploitation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21373

Memory corruption vulnerabilities can arise when output buffer sizes are not properly validated during IOCTL processing, potentially leading to system instability or exploitation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21374

A memory corruption vulnerability arises from insufficient buffer size validation during the processing of auxiliary sensor input/output control commands, potentially leading to unstable system behavior.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21375

Memory corruption vulnerabilities can arise when output buffer sizes are not properly validated during IOCTL processing, potentially leading to system instability or exploitation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21376

A memory corruption vulnerability exists in a camera sensor driver caused by insufficient validation of output buffer size during IOCTL processing, potentially leading to system instability or exploitation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21378

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21380

Memory corruption vulnerabilities arise from the use of deprecated DMABUF IOCTL calls for video memory management, potentially impacting system stability and security.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21381

A transient denial-of-service vulnerability arises when a device processes a service data frame with excessive length during device matching over a Neighborhood Awareness Network protocol connection.

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

CWE-126 - Buffer Over-read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-21547

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-23787

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-24085

Memory corruption arises during the processing of display command line information due to an uninitialized variable, potentially leading to unstable system behavior or security risks.

7.2 (High)


                        
                          CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-24089

Memory corruption vulnerability arises from processing fastboot commands with invalid input, potentially leading to unstable system behavior or exploitation.

7.2 (High)


                        
                          CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-25276

A memory corruption vulnerability arises in Strongbox due to the absence of a bounds check, potentially leading to unstable behavior or exploitation.

8.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-129 - Improper Validation of Array Index

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-25277

A buffer overflow vulnerability in Strongbox leads to memory corruption, potentially compromising system stability and security.

8.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-28577

A tapjacking vulnerability in the addWindow method of WindowManagerService.java enables local privilege escalation without user interaction or additional execution privileges.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-28578

DevicePolicyManagerService.java contains multiple functions with improper input validation that can cause desynchronization from persistence, potentially resulting in a local denial of service without user interaction or elevated privileges.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-28580

A bounds check error in multiple functions can cause persistence desynchronization, leading to local privilege escalation without requiring additional execution privileges or user interaction.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

CVE-2026-28586

AppOpsService.java contains multiple functions lacking proper permission checks, potentially enabling local information disclosure without user interaction or elevated execution privileges.

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
vers:unknown/* Google / Android		vers:unknown/*
vers:unknown/* Samsung / Mobile Devices		vers:unknown/*

References

79 references

URL	Category
https://security.samsungmobile.com/securityUpdate…	external
https://source.android.com/docs/security/bulletin…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Google heeft kwetsbaarheden verholpen in Android.\n\nSamsung heeft de voor Samsung mobile devices relevante kwetsbaarheden verholpen in Samsung Mobile.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, zichzelf verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of willekeurige code uit te voeren.\n\nOnder de verholpen kwetsbaarheden zit een aantal kwetsbaarheden die door Google worden gemarkeerd als \u0027Critical\u0027.\n\nGoogle heeft verder, zoals gebruikelijk, weinig detailinformatie beschikbaar gesteld.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Google heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Android 12,13 en 14.\n\nSamsung heeft updates uitgebracht om de voor Samsung relevante kwetsbaarheden te verhelpen in Samsung Mobile devices.\n\nZie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Improper Validation of Array Index",
        "title": "CWE-129"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Reachable Assertion",
        "title": "CWE-617"
      },
      {
        "category": "general",
        "text": "Protection Mechanism Failure",
        "title": "CWE-693"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Rendered UI Layers or Frames",
        "title": "CWE-1021"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2026\u0026month=6"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://source.android.com/docs/security/bulletin/2026/2026-06-01"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Google Android en Samsung Mobile",
    "tracking": {
      "current_release_date": "2026-06-02T08:00:20.751798Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0173",
      "initial_release_date": "2026-06-02T08:00:20.751798Z",
      "revision_history": [
        {
          "date": "2026-06-02T08:00:20.751798Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Android"
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Mobile Devices"
          }
        ],
        "category": "vendor",
        "name": "Samsung"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-22424",
      "notes": [
        {
          "category": "description",
          "text": "Improper input validation in multiple locations can allow users to access images across accounts, potentially leading to local privilege escalation without additional execution privileges, requiring user interaction for exploitation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-22424 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-22424.json"
        }
      ],
      "title": "CVE-2025-22424"
    },
    {
      "cve": "CVE-2025-22426",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in ComputerEngine.java permits unauthorized access to user URIs, enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-22426 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-22426.json"
        }
      ],
      "title": "CVE-2025-22426"
    },
    {
      "cve": "CVE-2025-32348",
      "notes": [
        {
          "category": "description",
          "text": "A missing permission check in multiple locations allows background activity launches, potentially enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32348 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32348.json"
        }
      ],
      "title": "CVE-2025-32348"
    },
    {
      "cve": "CVE-2025-47384",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        },
        {
          "category": "description",
          "text": "A transient denial of service (DoS) condition arises when the MAC is configured with a configuration ID exceeding its supported maximum value, causing temporary service disruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47384 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47384.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47384"
    },
    {
      "cve": "CVE-2025-47392",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "Memory corruption occurs during the decoding of corrupted satellite data files containing invalid signature offsets, potentially leading to system instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47392 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47392.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47392"
    },
    {
      "cve": "CVE-2025-47400",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A cryptographic vulnerability occurs when data is copied to a destination buffer without verifying the buffer\u0027s size, potentially causing security issues such as buffer overflows.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47400 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47400.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47400"
    },
    {
      "cve": "CVE-2025-47401",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A transient denial of service vulnerability occurs during the processing of target power rate tables in channel configuration, potentially disrupting normal device operation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47401 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47401.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47401"
    },
    {
      "cve": "CVE-2025-47403",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A transient denial-of-service condition may occur during wireless roaming when a malformed Fast Transition response frame with an invalid header structure is processed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47403 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47403.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47403"
    },
    {
      "cve": "CVE-2025-48570",
      "notes": [
        {
          "category": "description",
          "text": "PipTaskOrganizer.java contains multiple confused deputy vulnerabilities enabling background activity launches that may lead to local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48570 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48570.json"
        }
      ],
      "title": "CVE-2025-48570"
    },
    {
      "cve": "CVE-2025-48595",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "An integer overflow vulnerability present in multiple locations can enable local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48595 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48595.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48595"
    },
    {
      "cve": "CVE-2025-48615",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "A resource exhaustion issue in getComponentName of MediaButtonReceiverHolder.java may cause desynchronization in persistence, enabling local privilege escalation without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48615 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48615.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48615"
    },
    {
      "cve": "CVE-2025-48649",
      "notes": [
        {
          "category": "description",
          "text": "A permissions bypass vulnerability in multiple locations allows resetting user-selected permissions, potentially enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48649 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48649.json"
        }
      ],
      "title": "CVE-2025-48649"
    },
    {
      "cve": "CVE-2025-48652",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the performPreInstallChecks function of InstallRepository.kt enables bypassing MDM policy, allowing local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48652 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48652.json"
        }
      ],
      "title": "CVE-2025-48652"
    },
    {
      "cve": "CVE-2025-59604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "description",
          "text": "Memory corruption arises during a memory copy operation due to invalid writes triggered by a null pointer dereference, leading to potential instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59604 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59604.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-59604"
    },
    {
      "cve": "CVE-2025-59605",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerabilities arise from processing device identifier strings that exceed their expected maximum length, potentially leading to unstable system behavior or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59605 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59605.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-59605"
    },
    {
      "cve": "CVE-2025-59606",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "description",
          "text": "Memory corruption occurs due to heap memory exhaustion during secure data initialization, leading to writes in invalid memory locations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59606 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59606.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-59606"
    },
    {
      "cve": "CVE-2025-64505",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in libpng, including heap buffer over-reads and overflows in functions like png_do_quantize and png_image_read_composite, affect various products such as MySQL Workbench, NetApp, Oracle Hyperion, and Apple Software, potentially causing data disclosure, denial of service, or application crashes.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64505 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64505.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-64505"
    },
    {
      "cve": "CVE-2025-64720",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Libpng versions prior to 1.6.51 contain multiple memory handling vulnerabilities including out-of-bounds reads and buffer overflows in functions like png_image_read_composite, png_do_quantize, and png_combine_row, affecting various products such as MySQL Workbench and NetApp devices.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64720 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64720.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-64720"
    },
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Multiple heap buffer overflow and out-of-bounds read vulnerabilities exist in libpng versions 1.6.0 to before 1.6.51, affecting functions like png_image_finish_read and png_combine_row, impacting products from Oracle, NetApp, and others.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-65018 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-65018.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-65018"
    },
    {
      "cve": "CVE-2026-0009",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the code enables tapjacking vulnerabilities at multiple points, allowing local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0009 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0009.json"
        }
      ],
      "title": "CVE-2026-0009"
    },
    {
      "cve": "CVE-2026-0016",
      "notes": [
        {
          "category": "description",
          "text": "A permissions bypass vulnerability in CredentialManagerService.java\u0027s updateProvidersWhenServiceRemoved function allows overriding settings across users, potentially leading to local information disclosure without extra privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0016 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0016.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0016"
    },
    {
      "cve": "CVE-2026-0018",
      "notes": [
        {
          "category": "description",
          "text": "AccessibilityManagerService.java contains multiple functions with inadequate input validation, leading to a persistent local denial of service without requiring user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0018 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0018.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0018"
    },
    {
      "cve": "CVE-2026-0036",
      "notes": [
        {
          "category": "description",
          "text": "A tapjacking vulnerability in the startAnimation method of StageCoordinator.java enables local privilege escalation without requiring user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0036 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0036.json"
        }
      ],
      "title": "CVE-2026-0036"
    },
    {
      "cve": "CVE-2026-0039",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "A remote denial of service vulnerability caused by an integer overflow exists in multiple functions of ubsan_throwing_runtime.cpp, exploitable without user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0039 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0039.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0039"
    },
    {
      "cve": "CVE-2026-0040",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "An integer overflow vulnerability in multiple functions of ubsan_throwing_runtime.cpp can cause a crash, resulting in remote denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0040 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0040.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0040"
    },
    {
      "cve": "CVE-2026-0041",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "A potential integer overflow in multiple functions of ubsan_throwing_runtime.cpp can cause a UBSan failure, resulting in a remote denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0041 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0041.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0041"
    },
    {
      "cve": "CVE-2026-0042",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in ubsan_throwing_runtime.cpp functions can lead to a persistent local denial of service via resource exhaustion without requiring user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0042 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0042.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0042"
    },
    {
      "cve": "CVE-2026-0043",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "A vulnerability in ubsan_throwing_runtime.cpp involving integer overflow can lead to persistent denial of service and local privilege escalation without requiring user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0043 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0043.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0043"
    },
    {
      "cve": "CVE-2026-0044",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "A vulnerability in ubsan_throwing_runtime.cpp involving an integer overflow can cause a system crash, potentially enabling remote denial of service without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0044 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0044.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0044"
    },
    {
      "cve": "CVE-2026-0046",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in InputInterceptor of Letterbox.java enables a tapjacking/overlay attack that can trick users into granting permissions, potentially causing local privilege escalation without user interaction or extra execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0046 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0046.json"
        }
      ],
      "title": "CVE-2026-0046"
    },
    {
      "cve": "CVE-2026-0048",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in WindowState.java enables a tapjacking or overlay attack that can deceive users into granting permissions, potentially resulting in local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0048 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0048.json"
        }
      ],
      "title": "CVE-2026-0048"
    },
    {
      "cve": "CVE-2026-0051",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in multiple functions of ubsan_throwing_runtime.cpp allows remote denial of service via improper input validation, exploitable without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0051 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0051.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0051"
    },
    {
      "cve": "CVE-2026-0052",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "An integer overflow vulnerability in multiple functions of ubsan_throwing_runtime.cpp can cause a crash, resulting in remote denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0052 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0052.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0052"
    },
    {
      "cve": "CVE-2026-0055",
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability in PackageInstallerService.java\u0027s createSessionInternal method allows local privilege escalation by enabling updates to a Device Policy Controller in unauthorized directories without user interaction or extra privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0055 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0055.json"
        }
      ],
      "title": "CVE-2026-0055"
    },
    {
      "cve": "CVE-2026-0056",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "description",
          "text": "A vulnerability in ResourceTypes.cpp\u0027s setTo function may lead to an out-of-bounds read, potentially causing local information disclosure without user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0056 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0056.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0056"
    },
    {
      "cve": "CVE-2026-0059",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "A heap buffer overflow vulnerability in multiple functions of sdp_discovery.cc could enable remote code execution without requiring additional privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0059 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0059.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0059"
    },
    {
      "cve": "CVE-2026-0061",
      "notes": [
        {
          "category": "description",
          "text": "WindowState.java contains multiple functions vulnerable to tapjacking and overlay attacks that can deceive users into granting permissions, enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0061 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0061.json"
        }
      ],
      "title": "CVE-2026-0061"
    },
    {
      "cve": "CVE-2026-0069",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the verifySignature function of ApkChecksums.java can cause resource exhaustion leading to a crash and local denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0069 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0069.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0069"
    },
    {
      "cve": "CVE-2026-0070",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in DevicePolicyManagerService.java allows hiding a critical system package via improper input validation, enabling a local denial of service without user interaction or additional privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0070 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0070.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0070"
    },
    {
      "cve": "CVE-2026-0076",
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds read vulnerability in the validateNode function of ResourceTypes.cpp due to improper bounds checking may enable local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0076 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0076.json"
        }
      ],
      "title": "CVE-2026-0076"
    },
    {
      "cve": "CVE-2026-0077",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in resumeConfigurationDispatch within ActivityRecord.java can trigger background application launches, enabling local privilege escalation without user interaction or elevated execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0077 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0077.json"
        }
      ],
      "title": "CVE-2026-0077"
    },
    {
      "cve": "CVE-2026-0078",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in DevicePolicyManagerService.java\u0027s setGlobalProxy method allows local privilege escalation without user interaction due to improper input validation causing persistence desynchronization.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0078 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0078.json"
        }
      ],
      "title": "CVE-2026-0078"
    },
    {
      "cve": "CVE-2026-0080",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "An integer overflow vulnerability in multiple functions of ubsan_throwing_runtime.cpp can cause a crash, resulting in remote denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0080 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0080.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0080"
    },
    {
      "cve": "CVE-2026-0087",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in DomainVerificationService.java\u0027s approvalLevelForDomainInternal function enables hijacking of arbitrary app links, leading to local privilege escalation without user interaction or extra execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0087 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0087.json"
        }
      ],
      "title": "CVE-2026-0087"
    },
    {
      "cve": "CVE-2026-0089",
      "notes": [
        {
          "category": "description",
          "text": "A missing permission check in multiple functions of PackageInstallerService.java enables installation of unverified applications, potentially causing local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0089 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0089.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0089"
    },
    {
      "cve": "CVE-2026-0091",
      "notes": [
        {
          "category": "description",
          "text": "An over-privileged shell user in the launcher process enables code execution that results in local privilege escalation without requiring user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0091 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0091.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0091"
    },
    {
      "cve": "CVE-2026-0097",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in multiple locations allows bypassing user interaction during LE device pairing, enabling remote privilege escalation without requiring additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0097 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0097.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0097"
    },
    {
      "cve": "CVE-2026-0100",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "A heap buffer overflow vulnerability in LoadedArsc.cpp can lead to an out-of-bounds write, enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0100 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0100.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0100"
    },
    {
      "cve": "CVE-2026-21017",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in SecTelephonyProvider before SMR Jun-2026 Release 1 allows local attackers to access privileged files due to improper privilege handling.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21017 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21017.json"
        }
      ],
      "title": "CVE-2026-21017"
    },
    {
      "cve": "CVE-2026-21025",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Telephony before SMR Jun-2026 Release 1 allows local attackers to access sensitive information due to incorrect privilege assignment, posing a significant security risk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21025 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21025.json"
        }
      ],
      "title": "CVE-2026-21025"
    },
    {
      "cve": "CVE-2026-21026",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in SpriteWallpaper before SMR Jun-2026 Release 1 allows local attackers to access sensitive information due to improper export of Android application components.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21026 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21026.json"
        }
      ],
      "title": "CVE-2026-21026"
    },
    {
      "cve": "CVE-2026-21027",
      "notes": [
        {
          "category": "description",
          "text": "An improper export vulnerability in Android\u0027s ImsSettings component before SMR June 2026 Release 1 allows local attackers to trigger the logging function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21027 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21027.json"
        }
      ],
      "title": "CVE-2026-21027"
    },
    {
      "cve": "CVE-2026-21028",
      "notes": [
        {
          "category": "description",
          "text": "An improper access control vulnerability in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21028 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21028.json"
        }
      ],
      "title": "CVE-2026-21028"
    },
    {
      "cve": "CVE-2026-21029",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Galaxy Editing Service before SMR Jun-2026 Release 1 allows local attackers to perform privileged operations by exploiting improper export of Android application components.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21029 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21029.json"
        }
      ],
      "title": "CVE-2026-21029"
    },
    {
      "cve": "CVE-2026-21030",
      "notes": [
        {
          "category": "description",
          "text": "An improper access control vulnerability in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to execute privileged functions, posing a significant security risk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21030 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21030.json"
        }
      ],
      "title": "CVE-2026-21030"
    },
    {
      "cve": "CVE-2026-21031",
      "notes": [
        {
          "category": "description",
          "text": "An improper authorization vulnerability in AppBlock before SMR Jun-2026 Release 1 allows a local attacker to launch arbitrary activities, requiring user interaction to exploit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21031 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21031.json"
        }
      ],
      "title": "CVE-2026-21031"
    },
    {
      "cve": "CVE-2026-21352",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "DNG SDK versions 1.7.1 2410 and earlier have an out-of-bounds write vulnerability that may allow arbitrary code execution when processing malicious files.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21352 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21352.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21352"
    },
    {
      "cve": "CVE-2026-21353",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "DNG SDK versions 1.7.1 2410 and earlier contain an Integer Overflow vulnerability that allows arbitrary code execution when a malicious file is opened.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21353 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21353.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21353"
    },
    {
      "cve": "CVE-2026-21367",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A transient denial of service vulnerability arises from processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial network scans, potentially disrupting normal device operations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21367 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21367.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21367"
    },
    {
      "cve": "CVE-2026-21372",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerabilities arise from sending IOCTL requests with invalid buffer sizes during memcpy operations, potentially leading to unstable system behavior or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21372 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21372.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21372"
    },
    {
      "cve": "CVE-2026-21373",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerabilities can arise when output buffer sizes are not properly validated during IOCTL processing, potentially leading to system instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21373 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21373.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21373"
    },
    {
      "cve": "CVE-2026-21374",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A memory corruption vulnerability arises from insufficient buffer size validation during the processing of auxiliary sensor input/output control commands, potentially leading to unstable system behavior.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21374 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21374.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21374"
    },
    {
      "cve": "CVE-2026-21375",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerabilities can arise when output buffer sizes are not properly validated during IOCTL processing, potentially leading to system instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21375 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21375.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21375"
    },
    {
      "cve": "CVE-2026-21376",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A memory corruption vulnerability exists in a camera sensor driver caused by insufficient validation of output buffer size during IOCTL processing, potentially leading to system instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21376 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21376.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21376"
    },
    {
      "cve": "CVE-2026-21378",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A memory corruption vulnerability exists in a camera sensor driver caused by insufficient validation of output buffer size during IOCTL processing, potentially leading to system instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21378 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21378.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21378"
    },
    {
      "cve": "CVE-2026-21380",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerabilities arise from the use of deprecated DMABUF IOCTL calls for video memory management, potentially impacting system stability and security.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21380 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21380.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21380"
    },
    {
      "cve": "CVE-2026-21381",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A transient denial-of-service vulnerability arises when a device processes a service data frame with excessive length during device matching over a Neighborhood Awareness Network protocol connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21381 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21381.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21381"
    },
    {
      "cve": "CVE-2026-21547",
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21547 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21547.json"
        }
      ],
      "title": "CVE-2026-21547"
    },
    {
      "cve": "CVE-2026-23787",
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23787 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23787.json"
        }
      ],
      "title": "CVE-2026-23787"
    },
    {
      "cve": "CVE-2026-24085",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "Memory corruption arises during the processing of display command line information due to an uninitialized variable, potentially leading to unstable system behavior or security risks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-24085 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24085.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-24085"
    },
    {
      "cve": "CVE-2026-24089",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerability arises from processing fastboot commands with invalid input, potentially leading to unstable system behavior or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-24089 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24089.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-24089"
    },
    {
      "cve": "CVE-2026-25276",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Array Index",
          "title": "CWE-129"
        },
        {
          "category": "description",
          "text": "A memory corruption vulnerability arises in Strongbox due to the absence of a bounds check, potentially leading to unstable behavior or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25276 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25276.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-25276"
    },
    {
      "cve": "CVE-2026-25277",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "description",
          "text": "A buffer overflow vulnerability in Strongbox leads to memory corruption, potentially compromising system stability and security.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25277 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25277.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-25277"
    },
    {
      "cve": "CVE-2026-28577",
      "cwe": {
        "id": "CWE-1021",
        "name": "Improper Restriction of Rendered UI Layers or Frames"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Rendered UI Layers or Frames",
          "title": "CWE-1021"
        },
        {
          "category": "description",
          "text": "A tapjacking vulnerability in the addWindow method of WindowManagerService.java enables local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28577 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28577.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-28577"
    },
    {
      "cve": "CVE-2026-28578",
      "notes": [
        {
          "category": "description",
          "text": "DevicePolicyManagerService.java contains multiple functions with improper input validation that can cause desynchronization from persistence, potentially resulting in a local denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28578 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28578.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-28578"
    },
    {
      "cve": "CVE-2026-28580",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "description",
          "text": "A bounds check error in multiple functions can cause persistence desynchronization, leading to local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28580 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28580.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-28580"
    },
    {
      "cve": "CVE-2026-28586",
      "notes": [
        {
          "category": "description",
          "text": "AppOpsService.java contains multiple functions lacking proper permission checks, potentially enabling local information disclosure without user interaction or elevated execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28586 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28586.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-28586"
    }
  ]
}

OPENSUSE-SU-2025:15781-1

Vulnerability from csaf_opensuse - Published: 2025-11-28 00:00 - Updated: 2025-11-28 00:00

Summary

libpng16-16-1.6.51-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: libpng16-16-1.6.51-1.1 on GA media

Description of the patch: These are all security issues fixed in the libpng16-16-1.6.51-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-15781

CVE-2025-64505

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 40 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-64506

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 40 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-64720

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 40 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-65018

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 40 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

14 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2025-64505/	self
https://www.suse.com/security/cve/CVE-2025-64506/	self
https://www.suse.com/security/cve/CVE-2025-64720/	self
https://www.suse.com/security/cve/CVE-2025-65018/	self
https://www.suse.com/security/cve/CVE-2025-64505	external
https://bugzilla.suse.com/1254157	external
https://www.suse.com/security/cve/CVE-2025-64506	external
https://bugzilla.suse.com/1254158	external
https://www.suse.com/security/cve/CVE-2025-64720	external
https://bugzilla.suse.com/1254159	external
https://www.suse.com/security/cve/CVE-2025-65018	external
https://bugzilla.suse.com/1254160	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libpng16-16-1.6.51-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libpng16-16-1.6.51-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15781",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15781-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64505 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64506 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64506/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64720 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-65018 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-65018/"
      }
    ],
    "title": "libpng16-16-1.6.51-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-11-28T00:00:00Z",
      "generator": {
        "date": "2025-11-28T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15781-1",
      "initial_release_date": "2025-11-28T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-11-28T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-16-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-16-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-32bit-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-16-32bit-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-16-32bit-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-16-x86-64-v3-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-compat-devel-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-compat-devel-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-compat-devel-32bit-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-devel-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-devel-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-32bit-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-devel-32bit-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-devel-32bit-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.51-1.1.aarch64",
                "product": {
                  "name": "libpng16-tools-1.6.51-1.1.aarch64",
                  "product_id": "libpng16-tools-1.6.51-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-16-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-16-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-32bit-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-16-32bit-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-16-32bit-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-compat-devel-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-compat-devel-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-devel-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-devel-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-32bit-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-devel-32bit-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-devel-32bit-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.51-1.1.ppc64le",
                "product": {
                  "name": "libpng16-tools-1.6.51-1.1.ppc64le",
                  "product_id": "libpng16-tools-1.6.51-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-16-1.6.51-1.1.s390x",
                  "product_id": "libpng16-16-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-32bit-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-16-32bit-1.6.51-1.1.s390x",
                  "product_id": "libpng16-16-32bit-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
                  "product_id": "libpng16-16-x86-64-v3-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-compat-devel-1.6.51-1.1.s390x",
                  "product_id": "libpng16-compat-devel-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
                  "product_id": "libpng16-compat-devel-32bit-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
                  "product_id": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-devel-1.6.51-1.1.s390x",
                  "product_id": "libpng16-devel-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-32bit-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-devel-32bit-1.6.51-1.1.s390x",
                  "product_id": "libpng16-devel-32bit-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
                  "product_id": "libpng16-devel-x86-64-v3-1.6.51-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.51-1.1.s390x",
                "product": {
                  "name": "libpng16-tools-1.6.51-1.1.s390x",
                  "product_id": "libpng16-tools-1.6.51-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-16-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-16-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-32bit-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-16-32bit-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-16-32bit-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-16-x86-64-v3-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-compat-devel-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-compat-devel-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-compat-devel-32bit-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-devel-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-devel-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-32bit-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-devel-32bit-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-devel-32bit-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.51-1.1.x86_64",
                "product": {
                  "name": "libpng16-tools-1.6.51-1.1.x86_64",
                  "product_id": "libpng16-tools-1.6.51-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-16-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-16-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-16-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-16-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-32bit-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-16-32bit-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-32bit-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-16-32bit-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-32bit-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-16-32bit-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-32bit-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-16-32bit-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-x86-64-v3-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-x86-64-v3-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-x86-64-v3-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-compat-devel-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-compat-devel-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-compat-devel-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-compat-devel-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-32bit-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-32bit-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-32bit-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-devel-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-devel-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-devel-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-devel-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-32bit-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-devel-32bit-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-32bit-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-devel-32bit-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-32bit-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-devel-32bit-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-32bit-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-devel-32bit-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.51-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64"
        },
        "product_reference": "libpng16-tools-1.6.51-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.51-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le"
        },
        "product_reference": "libpng16-tools-1.6.51-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.51-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x"
        },
        "product_reference": "libpng16-tools-1.6.51-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.51-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
        },
        "product_reference": "libpng16-tools-1.6.51-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-64505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng\u0027s png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64505",
          "url": "https://www.suse.com/security/cve/CVE-2025-64505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254157 for CVE-2025-64505",
          "url": "https://bugzilla.suse.com/1254157"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64505"
    },
    {
      "cve": "CVE-2025-64506",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64506"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng\u0027s png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit input to enter code expecting 16-bit input, causing reads up to 2 bytes beyond allocated buffer boundaries. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64506",
          "url": "https://www.suse.com/security/cve/CVE-2025-64506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254158 for CVE-2025-64506",
          "url": "https://bugzilla.suse.com/1254158"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64506"
    },
    {
      "cve": "CVE-2025-64720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha x 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64720",
          "url": "https://www.suse.com/security/cve/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254159 for CVE-2025-64720",
          "url": "https://bugzilla.suse.com/1254159"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64720"
    },
    {
      "cve": "CVE-2025-65018",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-65018"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
          "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-65018",
          "url": "https://www.suse.com/security/cve/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254160 for CVE-2025-65018",
          "url": "https://bugzilla.suse.com/1254160"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-16-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-compat-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-32bit-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-devel-x86-64-v3-1.6.51-1.1.x86_64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.aarch64",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.ppc64le",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.s390x",
            "openSUSE Tumbleweed:libpng16-tools-1.6.51-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-65018"
    }
  ]
}

OPENSUSE-SU-2026:20017-1

Vulnerability from csaf_opensuse - Published: 2026-01-12 11:14 - Updated: 2026-01-12 11:14

Summary

Security update for libpng16

Severity

Important

Notes

Title of the patch: Security update for libpng16

Description of the patch: This update for libpng16 fixes the following issues: - CVE-2025-64505: heap buffer over-read in `png_do_quantize` when processing PNG files malformed palette indices (bsc#1254157). - CVE-2025-64506: heap buffer over-read in `png_write_image_8bit` when processing 8-bit input with `convert_to_8bit` enabled (bsc#1254158). - CVE-2025-64720: out-of-bounds read in `png_image_read_composite` when processing palette images with `PNG_FLAG_OPTIMIZE_ALPHA` enabled (bsc#1254159). - CVE-2025-65018: heap buffer overflow in `png_image_finish_read` when processing specially crafted 16-bit interlaced PNGs with 8-bit output format (bsc#1254160). - CVE-2025-66293: out-of-bounds read of the `png_sRGB_base` array when processing palette PNG images with partial transparency and gamma correction (bsc#1254480).

Patchnames: openSUSE-Leap-16.0-131

CVE-2025-64505

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 19 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-64506

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 19 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-64720

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 19 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-65018

6.8 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 19 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-66293

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected products

Recommended 19 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64	—	Vendor Fix

Threats

Impact important

References

22 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://bugzilla.suse.com/1254157	self
https://bugzilla.suse.com/1254158	self
https://bugzilla.suse.com/1254159	self
https://bugzilla.suse.com/1254160	self
https://bugzilla.suse.com/1254480	self
https://www.suse.com/security/cve/CVE-2025-64505/	self
https://www.suse.com/security/cve/CVE-2025-64506/	self
https://www.suse.com/security/cve/CVE-2025-64720/	self
https://www.suse.com/security/cve/CVE-2025-65018/	self
https://www.suse.com/security/cve/CVE-2025-66293/	self
https://www.suse.com/security/cve/CVE-2025-64505	external
https://bugzilla.suse.com/1254157	external
https://www.suse.com/security/cve/CVE-2025-64506	external
https://bugzilla.suse.com/1254158	external
https://www.suse.com/security/cve/CVE-2025-64720	external
https://bugzilla.suse.com/1254159	external
https://www.suse.com/security/cve/CVE-2025-65018	external
https://bugzilla.suse.com/1254160	external
https://www.suse.com/security/cve/CVE-2025-66293	external
https://bugzilla.suse.com/1254480	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for libpng16",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for libpng16 fixes the following issues:\n\n- CVE-2025-64505: heap buffer over-read in `png_do_quantize` when processing PNG files malformed palette indices\n  (bsc#1254157).\n- CVE-2025-64506: heap buffer over-read in `png_write_image_8bit` when processing 8-bit input with `convert_to_8bit`\n  enabled (bsc#1254158).\n- CVE-2025-64720: out-of-bounds read in `png_image_read_composite` when processing palette images with\n  `PNG_FLAG_OPTIMIZE_ALPHA` enabled (bsc#1254159).\n- CVE-2025-65018: heap buffer overflow in `png_image_finish_read` when processing specially crafted 16-bit interlaced\n  PNGs with 8-bit output format (bsc#1254160).\n- CVE-2025-66293: out-of-bounds read of the `png_sRGB_base` array when processing palette PNG images with partial\n  transparency and gamma correction (bsc#1254480).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Leap-16.0-131",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20017-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1254157",
        "url": "https://bugzilla.suse.com/1254157"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1254158",
        "url": "https://bugzilla.suse.com/1254158"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1254159",
        "url": "https://bugzilla.suse.com/1254159"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1254160",
        "url": "https://bugzilla.suse.com/1254160"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1254480",
        "url": "https://bugzilla.suse.com/1254480"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64505 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64506 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64506/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64720 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-65018 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-65018/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-66293 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-66293/"
      }
    ],
    "title": "Security update for libpng16",
    "tracking": {
      "current_release_date": "2026-01-12T11:14:46Z",
      "generator": {
        "date": "2026-01-12T11:14:46Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2026:20017-1",
      "initial_release_date": "2026-01-12T11:14:46Z",
      "revision_history": [
        {
          "date": "2026-01-12T11:14:46Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.44-160000.3.1.aarch64",
                "product": {
                  "name": "libpng16-16-1.6.44-160000.3.1.aarch64",
                  "product_id": "libpng16-16-1.6.44-160000.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
                "product": {
                  "name": "libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
                  "product_id": "libpng16-compat-devel-1.6.44-160000.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.44-160000.3.1.aarch64",
                "product": {
                  "name": "libpng16-devel-1.6.44-160000.3.1.aarch64",
                  "product_id": "libpng16-devel-1.6.44-160000.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.44-160000.3.1.aarch64",
                "product": {
                  "name": "libpng16-tools-1.6.44-160000.3.1.aarch64",
                  "product_id": "libpng16-tools-1.6.44-160000.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.44-160000.3.1.ppc64le",
                "product": {
                  "name": "libpng16-16-1.6.44-160000.3.1.ppc64le",
                  "product_id": "libpng16-16-1.6.44-160000.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
                "product": {
                  "name": "libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
                  "product_id": "libpng16-compat-devel-1.6.44-160000.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.44-160000.3.1.ppc64le",
                "product": {
                  "name": "libpng16-devel-1.6.44-160000.3.1.ppc64le",
                  "product_id": "libpng16-devel-1.6.44-160000.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.44-160000.3.1.ppc64le",
                "product": {
                  "name": "libpng16-tools-1.6.44-160000.3.1.ppc64le",
                  "product_id": "libpng16-tools-1.6.44-160000.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.44-160000.3.1.s390x",
                "product": {
                  "name": "libpng16-16-1.6.44-160000.3.1.s390x",
                  "product_id": "libpng16-16-1.6.44-160000.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.44-160000.3.1.s390x",
                "product": {
                  "name": "libpng16-compat-devel-1.6.44-160000.3.1.s390x",
                  "product_id": "libpng16-compat-devel-1.6.44-160000.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.44-160000.3.1.s390x",
                "product": {
                  "name": "libpng16-devel-1.6.44-160000.3.1.s390x",
                  "product_id": "libpng16-devel-1.6.44-160000.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.44-160000.3.1.s390x",
                "product": {
                  "name": "libpng16-tools-1.6.44-160000.3.1.s390x",
                  "product_id": "libpng16-tools-1.6.44-160000.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng16-16-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-16-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-16-1.6.44-160000.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-compat-devel-1.6.44-160000.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-devel-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-devel-1.6.44-160000.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpng16-tools-1.6.44-160000.3.1.x86_64",
                "product": {
                  "name": "libpng16-tools-1.6.44-160000.3.1.x86_64",
                  "product_id": "libpng16-tools-1.6.44-160000.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 16.0",
                "product": {
                  "name": "openSUSE Leap 16.0",
                  "product_id": "openSUSE Leap 16.0"
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.44-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64"
        },
        "product_reference": "libpng16-16-1.6.44-160000.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.44-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le"
        },
        "product_reference": "libpng16-16-1.6.44-160000.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.44-160000.3.1.s390x as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x"
        },
        "product_reference": "libpng16-16-1.6.44-160000.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-16-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.44-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64"
        },
        "product_reference": "libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.44-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le"
        },
        "product_reference": "libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.44-160000.3.1.s390x as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x"
        },
        "product_reference": "libpng16-compat-devel-1.6.44-160000.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.44-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64"
        },
        "product_reference": "libpng16-devel-1.6.44-160000.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.44-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le"
        },
        "product_reference": "libpng16-devel-1.6.44-160000.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.44-160000.3.1.s390x as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x"
        },
        "product_reference": "libpng16-devel-1.6.44-160000.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-devel-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.44-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64"
        },
        "product_reference": "libpng16-tools-1.6.44-160000.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.44-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le"
        },
        "product_reference": "libpng16-tools-1.6.44-160000.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.44-160000.3.1.s390x as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x"
        },
        "product_reference": "libpng16-tools-1.6.44-160000.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng16-tools-1.6.44-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
        },
        "product_reference": "libpng16-tools-1.6.44-160000.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-64505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng\u0027s png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64505",
          "url": "https://www.suse.com/security/cve/CVE-2025-64505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254157 for CVE-2025-64505",
          "url": "https://bugzilla.suse.com/1254157"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-01-12T11:14:46Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64505"
    },
    {
      "cve": "CVE-2025-64506",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64506"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng\u0027s png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit input to enter code expecting 16-bit input, causing reads up to 2 bytes beyond allocated buffer boundaries. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64506",
          "url": "https://www.suse.com/security/cve/CVE-2025-64506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254158 for CVE-2025-64506",
          "url": "https://bugzilla.suse.com/1254158"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-01-12T11:14:46Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64506"
    },
    {
      "cve": "CVE-2025-64720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha x 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64720",
          "url": "https://www.suse.com/security/cve/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254159 for CVE-2025-64720",
          "url": "https://bugzilla.suse.com/1254159"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-01-12T11:14:46Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64720"
    },
    {
      "cve": "CVE-2025-65018",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-65018"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-65018",
          "url": "https://www.suse.com/security/cve/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254160 for CVE-2025-65018",
          "url": "https://bugzilla.suse.com/1254160"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-01-12T11:14:46Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-65018"
    },
    {
      "cve": "CVE-2025-66293",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-66293"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management. Upgrade to libpng 1.6.52 or later.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
          "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-66293",
          "url": "https://www.suse.com/security/cve/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1254480 for CVE-2025-66293",
          "url": "https://bugzilla.suse.com/1254480"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-16-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-16-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-compat-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-compat-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-devel-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-devel-x86-64-v3-1.6.44-160000.3.1.x86_64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.aarch64",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.ppc64le",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.s390x",
            "openSUSE Leap 16.0:libpng16-tools-1.6.44-160000.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-01-12T11:14:46Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-66293"
    }
  ]
}

RHSA-2026:0125

Vulnerability from csaf_redhat - Published: 2026-01-06 11:25 - Updated: 2026-06-02 15:25

Summary

Red Hat Security Advisory: mingw-libpng security update

Severity

Important

Notes

Topic: An update for mingw-libpng is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: MinGW Windows Libpng library. Security Fix(es): * libpng: LIBPNG buffer overflow (CVE-2025-64720) * libpng: LIBPNG heap buffer overflow (CVE-2025-65018) * libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-64720

A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 7 products

Product	Version	Remediation
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-65018

A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds.

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Fixed 7 products

Product	Version	Remediation
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-66293

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 7 products

Product	Version	Remediation
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch	—	Vendor Fix fix Workaround

Threats

Impact Important

References

31 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:0125	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2416904	external
https://bugzilla.redhat.com/show_bug.cgi?id=2416907	external
https://bugzilla.redhat.com/show_bug.cgi?id=2418711	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-64720	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416904	external
https://www.cve.org/CVERecord?id=CVE-2025-64720	external
https://nvd.nist.gov/vuln/detail/CVE-2025-64720	external
https://github.com/pnggroup/libpng/commit/08da33b…	external
https://github.com/pnggroup/libpng/issues/686	external
https://github.com/pnggroup/libpng/pull/751	external
https://github.com/pnggroup/libpng/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-65018	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416907	external
https://www.cve.org/CVERecord?id=CVE-2025-65018	external
https://nvd.nist.gov/vuln/detail/CVE-2025-65018	external
https://github.com/pnggroup/libpng/commit/16b5e38…	external
https://github.com/pnggroup/libpng/commit/218612d…	external
https://github.com/pnggroup/libpng/issues/755	external
https://github.com/pnggroup/libpng/pull/757	external
https://github.com/pnggroup/libpng/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-66293	self
https://bugzilla.redhat.com/show_bug.cgi?id=2418711	external
https://www.cve.org/CVERecord?id=CVE-2025-66293	external
https://nvd.nist.gov/vuln/detail/CVE-2025-66293	external
https://github.com/pnggroup/libpng/commit/788a624…	external
https://github.com/pnggroup/libpng/commit/a05a48b…	external
https://github.com/pnggroup/libpng/issues/764	external
https://github.com/pnggroup/libpng/security/advis…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for mingw-libpng is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "MinGW Windows Libpng library.\n\nSecurity Fix(es):\n\n* libpng: LIBPNG buffer overflow (CVE-2025-64720)\n\n* libpng: LIBPNG heap buffer overflow (CVE-2025-65018)\n\n* libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:0125",
        "url": "https://access.redhat.com/errata/RHSA-2026:0125"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2416904",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
      },
      {
        "category": "external",
        "summary": "2416907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
      },
      {
        "category": "external",
        "summary": "2418711",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0125.json"
      }
    ],
    "title": "Red Hat Security Advisory: mingw-libpng security update",
    "tracking": {
      "current_release_date": "2026-06-02T15:25:50+00:00",
      "generator": {
        "date": "2026-06-02T15:25:50+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2026:0125",
      "initial_release_date": "2026-01-06T11:25:54+00:00",
      "revision_history": [
        {
          "date": "2026-01-06T11:25:54+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-01-06T11:25:54+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T15:25:50+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux CRB (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux CRB (v. 8)",
                  "product_id": "CRB-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mingw-libpng-0:1.6.34-1.el8_10.src",
                "product": {
                  "name": "mingw-libpng-0:1.6.34-1.el8_10.src",
                  "product_id": "mingw-libpng-0:1.6.34-1.el8_10.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw-libpng@1.6.34-1.el8_10?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mingw32-libpng-0:1.6.34-1.el8_10.noarch",
                "product": {
                  "name": "mingw32-libpng-0:1.6.34-1.el8_10.noarch",
                  "product_id": "mingw32-libpng-0:1.6.34-1.el8_10.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw32-libpng@1.6.34-1.el8_10?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
                "product": {
                  "name": "mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
                  "product_id": "mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw32-libpng-static@1.6.34-1.el8_10?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mingw64-libpng-0:1.6.34-1.el8_10.noarch",
                "product": {
                  "name": "mingw64-libpng-0:1.6.34-1.el8_10.noarch",
                  "product_id": "mingw64-libpng-0:1.6.34-1.el8_10.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw64-libpng@1.6.34-1.el8_10?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mingw64-libpng-static-0:1.6.34-1.el8_10.noarch",
                "product": {
                  "name": "mingw64-libpng-static-0:1.6.34-1.el8_10.noarch",
                  "product_id": "mingw64-libpng-static-0:1.6.34-1.el8_10.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw64-libpng-static@1.6.34-1.el8_10?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
                "product": {
                  "name": "mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
                  "product_id": "mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw32-libpng-debuginfo@1.6.34-1.el8_10?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
                "product": {
                  "name": "mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
                  "product_id": "mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mingw64-libpng-debuginfo@1.6.34-1.el8_10?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw-libpng-0:1.6.34-1.el8_10.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src"
        },
        "product_reference": "mingw-libpng-0:1.6.34-1.el8_10.src",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw32-libpng-0:1.6.34-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch"
        },
        "product_reference": "mingw32-libpng-0:1.6.34-1.el8_10.noarch",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch"
        },
        "product_reference": "mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw32-libpng-static-0:1.6.34-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch"
        },
        "product_reference": "mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw64-libpng-0:1.6.34-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch"
        },
        "product_reference": "mingw64-libpng-0:1.6.34-1.el8_10.noarch",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch"
        },
        "product_reference": "mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mingw64-libpng-static-0:1.6.34-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
          "product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
        },
        "product_reference": "mingw64-libpng-static-0:1.6.34-1.el8_10.noarch",
        "relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-64720",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-11-25T00:00:54.081073+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416904"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha \u00d7 257 required by the simplified PNG API.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products. An out-of-bounds read in libpng can occur when processing specially crafted palette images with `PNG_FLAG_OPTIMIZE_ALPHA` enabled. Successful exploitation requires a user to process a malicious PNG file, leading to potential application crash or information disclosure.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416904",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-64720",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643",
          "url": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/686",
          "url": "https://github.com/pnggroup/libpng/issues/686"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/pull/751",
          "url": "https://github.com/pnggroup/libpng/pull/751"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww"
        }
      ],
      "release_date": "2025-11-24T23:45:38.315000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-06T11:25:54+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0125"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG buffer overflow"
    },
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2025-11-25T00:01:05.570152+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG heap buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products. A heap buffer overflow exists in the libpng library\u0027s png_image_finish_read function when processing specially crafted 16-bit interlaced PNG images with an 8-bit output format. Successful exploitation requires a user or an automated system to process a malicious PNG file, which could lead to application crashes or arbitrary code execution.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-65018",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d",
          "url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea",
          "url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/755",
          "url": "https://github.com/pnggroup/libpng/issues/755"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/pull/757",
          "url": "https://github.com/pnggroup/libpng/pull/757"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
        }
      ],
      "release_date": "2025-11-24T23:50:18.294000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-06T11:25:54+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0125"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG heap buffer overflow"
    },
    {
      "cve": "CVE-2025-66293",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-12-03T21:00:59.956903+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2418711"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG out-of-bounds read in png_image_read_composite",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security team has rated this vulnerability as Important as it affects libpng, a widely used library for PNG image processing. The flaw is due to an out-of-bounds read in libpng\u2019s simplified API when handling specially crafted PNG images containing partial transparency and gamma correction data. Successful exploitation could result in information disclosure or cause application crashes in applications processing untrusted PNG content.\n\nFor `java-17-openjdk-headless` and `java-21-openjdk-headless`, while the affected code is present in the bundled sources, it is not exercised by these headless packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
          "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "RHBZ#2418711",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-66293",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1",
          "url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a",
          "url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/764",
          "url": "https://github.com/pnggroup/libpng/issues/764"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"
        }
      ],
      "release_date": "2025-12-03T20:33:57.086000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-06T11:25:54+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0125"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CRB-8.10.0.Z.MAIN.EUS:mingw-libpng-0:1.6.34-1.el8_10.src",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw32-libpng-static-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-debuginfo-0:1.6.34-1.el8_10.noarch",
            "CRB-8.10.0.Z.MAIN.EUS:mingw64-libpng-static-0:1.6.34-1.el8_10.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG out-of-bounds read in png_image_read_composite"
    }
  ]
}

RHSA-2026:0210

Vulnerability from csaf_redhat - Published: 2026-01-07 13:02 - Updated: 2026-06-02 15:25

Summary

Red Hat Security Advisory: libpng security update

Severity

Important

Notes

Topic: An update for libpng is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files. Security Fix(es): * libpng: LIBPNG buffer overflow (CVE-2025-64720) * libpng: LIBPNG heap buffer overflow (CVE-2025-65018) * libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-64720

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 62 products

Product	Version	Remediation
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-65018

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Fixed 62 products

Product	Version	Remediation
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-66293

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 62 products

Product	Version	Remediation
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

31 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:0210	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2416904	external
https://bugzilla.redhat.com/show_bug.cgi?id=2416907	external
https://bugzilla.redhat.com/show_bug.cgi?id=2418711	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-64720	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416904	external
https://www.cve.org/CVERecord?id=CVE-2025-64720	external
https://nvd.nist.gov/vuln/detail/CVE-2025-64720	external
https://github.com/pnggroup/libpng/commit/08da33b…	external
https://github.com/pnggroup/libpng/issues/686	external
https://github.com/pnggroup/libpng/pull/751	external
https://github.com/pnggroup/libpng/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-65018	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416907	external
https://www.cve.org/CVERecord?id=CVE-2025-65018	external
https://nvd.nist.gov/vuln/detail/CVE-2025-65018	external
https://github.com/pnggroup/libpng/commit/16b5e38…	external
https://github.com/pnggroup/libpng/commit/218612d…	external
https://github.com/pnggroup/libpng/issues/755	external
https://github.com/pnggroup/libpng/pull/757	external
https://github.com/pnggroup/libpng/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-66293	self
https://bugzilla.redhat.com/show_bug.cgi?id=2418711	external
https://www.cve.org/CVERecord?id=CVE-2025-66293	external
https://nvd.nist.gov/vuln/detail/CVE-2025-66293	external
https://github.com/pnggroup/libpng/commit/788a624…	external
https://github.com/pnggroup/libpng/commit/a05a48b…	external
https://github.com/pnggroup/libpng/issues/764	external
https://github.com/pnggroup/libpng/security/advis…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for libpng is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files.\n\nSecurity Fix(es):\n\n* libpng: LIBPNG buffer overflow (CVE-2025-64720)\n\n* libpng: LIBPNG heap buffer overflow (CVE-2025-65018)\n\n* libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:0210",
        "url": "https://access.redhat.com/errata/RHSA-2026:0210"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2416904",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
      },
      {
        "category": "external",
        "summary": "2416907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
      },
      {
        "category": "external",
        "summary": "2418711",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0210.json"
      }
    ],
    "title": "Red Hat Security Advisory: libpng security update",
    "tracking": {
      "current_release_date": "2026-06-02T15:25:42+00:00",
      "generator": {
        "date": "2026-06-02T15:25:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2026:0210",
      "initial_release_date": "2026-01-07T13:02:56+00:00",
      "revision_history": [
        {
          "date": "2026-01-07T13:02:56+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-01-07T13:02:56+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T15:25:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                  "product_id": "AppStream-9.6.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
                  "product_id": "BaseOS-9.6.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:9.6::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_6.1.s390x",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_6.1.s390x",
                  "product_id": "libpng-2:1.6.37-12.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_6.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_6.1.s390x",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_6.1.s390x",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_6.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_6.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_6.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_6.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_6.1?arch=s390x\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_6.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_6.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_6.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_6.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_6.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_6.1.aarch64",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_6.1.aarch64",
                  "product_id": "libpng-2:1.6.37-12.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_6.1?arch=aarch64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_6.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_6.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_6.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_6.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_6.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_6.1.ppc64le",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_id": "libpng-2:1.6.37-12.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_6.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_6.1.i686",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_6.1.i686",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_6.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_6.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_6.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_6.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_6.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_6.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_6.1.i686",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_6.1.i686",
                  "product_id": "libpng-2:1.6.37-12.el9_6.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_6.1?arch=i686\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_6.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_6.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_6.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_6.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_6.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_6.1.x86_64",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_6.1.x86_64",
                  "product_id": "libpng-2:1.6.37-12.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_6.1?arch=x86_64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_6.1.src",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_6.1.src",
                  "product_id": "libpng-2:1.6.37-12.el9_6.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_6.1?arch=src\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.src",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
          "product_id": "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.src",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
          "product_id": "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-64720",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-11-25T00:00:54.081073+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416904"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha \u00d7 257 required by the simplified PNG API.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products. An out-of-bounds read in libpng can occur when processing specially crafted palette images with `PNG_FLAG_OPTIMIZE_ALPHA` enabled. Successful exploitation requires a user to process a malicious PNG file, leading to potential application crash or information disclosure.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416904",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-64720",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643",
          "url": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/686",
          "url": "https://github.com/pnggroup/libpng/issues/686"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/pull/751",
          "url": "https://github.com/pnggroup/libpng/pull/751"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww"
        }
      ],
      "release_date": "2025-11-24T23:45:38.315000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-07T13:02:56+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0210"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG buffer overflow"
    },
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2025-11-25T00:01:05.570152+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG heap buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products. A heap buffer overflow exists in the libpng library\u0027s png_image_finish_read function when processing specially crafted 16-bit interlaced PNG images with an 8-bit output format. Successful exploitation requires a user or an automated system to process a malicious PNG file, which could lead to application crashes or arbitrary code execution.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-65018",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d",
          "url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea",
          "url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/755",
          "url": "https://github.com/pnggroup/libpng/issues/755"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/pull/757",
          "url": "https://github.com/pnggroup/libpng/pull/757"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
        }
      ],
      "release_date": "2025-11-24T23:50:18.294000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-07T13:02:56+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0210"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG heap buffer overflow"
    },
    {
      "cve": "CVE-2025-66293",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-12-03T21:00:59.956903+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2418711"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG out-of-bounds read in png_image_read_composite",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security team has rated this vulnerability as Important as it affects libpng, a widely used library for PNG image processing. The flaw is due to an out-of-bounds read in libpng\u2019s simplified API when handling specially crafted PNG images containing partial transparency and gamma correction data. Successful exploitation could result in information disclosure or cause application crashes in applications processing untrusted PNG content.\n\nFor `java-17-openjdk-headless` and `java-21-openjdk-headless`, while the affected code is present in the bundled sources, it is not exercised by these headless packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
          "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
          "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "RHBZ#2418711",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-66293",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1",
          "url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a",
          "url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/764",
          "url": "https://github.com/pnggroup/libpng/issues/764"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"
        }
      ],
      "release_date": "2025-12-03T20:33:57.086000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-07T13:02:56+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0210"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "AppStream-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "AppStream-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.src",
            "BaseOS-9.6.0.Z.EUS:libpng-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.i686",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG out-of-bounds read in png_image_read_composite"
    }
  ]
}

RHSA-2026:0211

Vulnerability from csaf_redhat - Published: 2026-01-07 12:57 - Updated: 2026-06-02 15:25

Summary

Red Hat Security Advisory: libpng security update

Severity

Important

Notes

Topic: An update for libpng is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2025-64720

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 62 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-65018

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Fixed 62 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-66293

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 62 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

31 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:0211	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2416904	external
https://bugzilla.redhat.com/show_bug.cgi?id=2416907	external
https://bugzilla.redhat.com/show_bug.cgi?id=2418711	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-64720	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416904	external
https://www.cve.org/CVERecord?id=CVE-2025-64720	external
https://nvd.nist.gov/vuln/detail/CVE-2025-64720	external
https://github.com/pnggroup/libpng/commit/08da33b…	external
https://github.com/pnggroup/libpng/issues/686	external
https://github.com/pnggroup/libpng/pull/751	external
https://github.com/pnggroup/libpng/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-65018	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416907	external
https://www.cve.org/CVERecord?id=CVE-2025-65018	external
https://nvd.nist.gov/vuln/detail/CVE-2025-65018	external
https://github.com/pnggroup/libpng/commit/16b5e38…	external
https://github.com/pnggroup/libpng/commit/218612d…	external
https://github.com/pnggroup/libpng/issues/755	external
https://github.com/pnggroup/libpng/pull/757	external
https://github.com/pnggroup/libpng/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-66293	self
https://bugzilla.redhat.com/show_bug.cgi?id=2418711	external
https://www.cve.org/CVERecord?id=CVE-2025-66293	external
https://nvd.nist.gov/vuln/detail/CVE-2025-66293	external
https://github.com/pnggroup/libpng/commit/788a624…	external
https://github.com/pnggroup/libpng/commit/a05a48b…	external
https://github.com/pnggroup/libpng/issues/764	external
https://github.com/pnggroup/libpng/security/advis…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for libpng is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics (PNG) image format files.\n\nSecurity Fix(es):\n\n* libpng: LIBPNG buffer overflow (CVE-2025-64720)\n\n* libpng: LIBPNG heap buffer overflow (CVE-2025-65018)\n\n* libpng: LIBPNG out-of-bounds read in png_image_read_composite (CVE-2025-66293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:0211",
        "url": "https://access.redhat.com/errata/RHSA-2026:0211"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2416904",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
      },
      {
        "category": "external",
        "summary": "2416907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
      },
      {
        "category": "external",
        "summary": "2418711",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0211.json"
      }
    ],
    "title": "Red Hat Security Advisory: libpng security update",
    "tracking": {
      "current_release_date": "2026-06-02T15:25:42+00:00",
      "generator": {
        "date": "2026-06-02T15:25:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2026:0211",
      "initial_release_date": "2026-01-07T12:57:50+00:00",
      "revision_history": [
        {
          "date": "2026-01-07T12:57:50+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-01-07T12:57:50+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T15:25:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                  "product_id": "AppStream-9.4.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
                  "product_id": "BaseOS-9.4.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_4.1.s390x",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_4.1.s390x",
                  "product_id": "libpng-2:1.6.37-12.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_4.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_4.1.s390x",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_4.1.s390x",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_4.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_4.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_4.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_4.1?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_4.1?arch=s390x\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_4.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_4.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_4.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_4.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_4.1?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_4.1.aarch64",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_4.1.aarch64",
                  "product_id": "libpng-2:1.6.37-12.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_4.1?arch=aarch64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_4.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_4.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_4.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_4.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_4.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_4.1.ppc64le",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_id": "libpng-2:1.6.37-12.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_4.1?arch=ppc64le\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_4.1.i686",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_4.1.i686",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_4.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_4.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_4.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_4.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_4.1?arch=i686\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_4.1.i686",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_4.1.i686",
                  "product_id": "libpng-2:1.6.37-12.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_4.1?arch=i686\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
                "product": {
                  "name": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
                  "product_id": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel@1.6.37-12.el9_4.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
                "product": {
                  "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
                  "product_id": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debugsource@1.6.37-12.el9_4.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                "product": {
                  "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                  "product_id": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-debuginfo@1.6.37-12.el9_4.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                "product": {
                  "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                  "product_id": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-devel-debuginfo@1.6.37-12.el9_4.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                "product": {
                  "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                  "product_id": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng-tools-debuginfo@1.6.37-12.el9_4.1?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_4.1.x86_64",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_4.1.x86_64",
                  "product_id": "libpng-2:1.6.37-12.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_4.1?arch=x86_64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpng-2:1.6.37-12.el9_4.1.src",
                "product": {
                  "name": "libpng-2:1.6.37-12.el9_4.1.src",
                  "product_id": "libpng-2:1.6.37-12.el9_4.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpng@1.6.37-12.el9_4.1?arch=src\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.src",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
          "product_id": "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.src",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
          "product_id": "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        },
        "product_reference": "libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-64720",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-11-25T00:00:54.081073+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416904"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha \u00d7 257 required by the simplified PNG API.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products. An out-of-bounds read in libpng can occur when processing specially crafted palette images with `PNG_FLAG_OPTIMIZE_ALPHA` enabled. Successful exploitation requires a user to process a malicious PNG file, leading to potential application crash or information disclosure.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416904",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-64720",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643",
          "url": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/686",
          "url": "https://github.com/pnggroup/libpng/issues/686"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/pull/751",
          "url": "https://github.com/pnggroup/libpng/pull/751"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww"
        }
      ],
      "release_date": "2025-11-24T23:45:38.315000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-07T12:57:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0211"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG buffer overflow"
    },
    {
      "cve": "CVE-2025-65018",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2025-11-25T00:01:05.570152+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG heap buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat products. A heap buffer overflow exists in the libpng library\u0027s png_image_finish_read function when processing specially crafted 16-bit interlaced PNG images with an 8-bit output format. Successful exploitation requires a user or an automated system to process a malicious PNG file, which could lead to application crashes or arbitrary code execution.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-65018",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d",
          "url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea",
          "url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/755",
          "url": "https://github.com/pnggroup/libpng/issues/755"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/pull/757",
          "url": "https://github.com/pnggroup/libpng/pull/757"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
        }
      ],
      "release_date": "2025-11-24T23:50:18.294000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-07T12:57:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0211"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG heap buffer overflow"
    },
    {
      "cve": "CVE-2025-66293",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-12-03T21:00:59.956903+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2418711"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libpng: LIBPNG out-of-bounds read in png_image_read_composite",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security team has rated this vulnerability as Important as it affects libpng, a widely used library for PNG image processing. The flaw is due to an out-of-bounds read in libpng\u2019s simplified API when handling specially crafted PNG images containing partial transparency and gamma correction data. Successful exploitation could result in information disclosure or cause application crashes in applications processing untrusted PNG content.\n\nFor `java-17-openjdk-headless` and `java-21-openjdk-headless`, while the affected code is present in the bundled sources, it is not exercised by these headless packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
          "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
          "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "RHBZ#2418711",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-66293",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1",
          "url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a",
          "url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/issues/764",
          "url": "https://github.com/pnggroup/libpng/issues/764"
        },
        {
          "category": "external",
          "summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f",
          "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"
        }
      ],
      "release_date": "2025-12-03T20:33:57.086000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-07T12:57:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:0211"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "AppStream-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "AppStream-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.src",
            "BaseOS-9.4.0.Z.EUS:libpng-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-debugsource-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-devel-debuginfo-2:1.6.37-12.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.i686",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.EUS:libpng-tools-debuginfo-2:1.6.37-12.el9_4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libpng: LIBPNG out-of-bounds read in png_image_read_composite"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-65018 (GCVE-0-2025-65018)

Tags

Sightings

Nomenclature