| Release | Version |
|---|---|
| bullseye | 1.6.37-3 |
| bookworm | 1.6.39-2 |
| trixie | 1.6.48-1 |
| forky | 1.6.51-1 |
| sid | 1.6.52-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-66293 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | LIBPNG is a reference library for use in applications that read, creat ... |
| CVE-2025-65018 | vulnerable | vulnerable | vulnerable | fixed | fixed | LIBPNG is a reference library for use in applications that read, creat ... |
| CVE-2025-64720 | vulnerable | vulnerable | vulnerable | fixed | fixed | LIBPNG is a reference library for use in applications that read, creat ... |
| CVE-2025-64506 | vulnerable | vulnerable | vulnerable | fixed | fixed | LIBPNG is a reference library for use in applications that read, creat ... |
| CVE-2025-64505 | vulnerable | vulnerable | vulnerable | fixed | fixed | LIBPNG is a reference library for use in applications that read, creat ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2021-4214 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A heap overflow flaw was found in libpngs' pngimage.c program. This fl ... |
| CVE-2019-6129 | vulnerable | fixed | fixed | fixed | fixed | png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ... |
| Bug | Description |
|---|---|
| CVE-2019-7317 | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after- ... |
| CVE-2018-14550 | An issue has been found in third-party PNM decoding associated with li ... |
| CVE-2018-14048 | An issue has been found in libpng 1.6.34. It is a SEGV in the function ... |
| CVE-2018-13785 | In libpng 1.6.34, a wrong calculation of row_factor in the png_check_c ... |
| CVE-2017-12652 | libpng before 1.6.32 does not properly check the length of chunks agai ... |
| CVE-2016-10087 | The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before ... |
| CVE-2015-8472 | Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, ... |
| CVE-2015-0973 | Buffer overflow in the png_read_IDAT_data function in pngrutil.c in li ... |
| CVE-2014-9495 | Heap-based buffer overflow in the png_combine_row function in libpng b ... |
| CVE-2014-0333 | The png_push_read_chunk function in pngpread.c in the progressive deco ... |
| CVE-2013-7354 | Multiple integer overflows in libpng before 1.5.14rc03 allow remote at ... |
| CVE-2013-7353 | Integer overflow in the png_set_unknown_chunks function in libpng/pngs ... |
| DSA / DLA | Description |
|---|---|
| DSA-4435-1 | libpng1.6 - security update |