CVE-2025-64505Out-of-bounds Read in Libpng

CWE-125Out-of-bounds Read11 documents8 sources
Severity
6.1MEDIUMNVD
EPSS
0.0%
top 92.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Pnggroup LibpngLibpng
Timeline
PublishedNov 25
Latest updateMar 11

Description

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages3 packages

NVDlibpng/libpng< 1.6.51
CVEListV5pnggroup/libpng< 1.6.51
Ubuntulibpng/libpng< 1.2.50-1ubuntu2.14.04.3+esm1+1

Patches

Patch: github.com

🔴Vulnerability Details

4
OSV
libpng vulnerabilities2026-03-11
OSV
libpng1.6 vulnerabilities2025-12-11
OSV
CVE-2025-64505: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files2025-11-25
CVEList
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index2025-11-24

📋Vendor Advisories

5
Ubuntu
libpng vulnerabilities2026-03-11
Ubuntu
libpng vulnerabilities2025-12-11
Red Hat
libpng: LIBPNG heap buffer overflow via malformed palette index2025-11-24
Microsoft
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index2025-11-11
Debian
CVE-2025-64505: libpng1.6 - LIBPNG is a reference library for use in applications that read, create, and man...2025

💬Community

1
Bugzilla
CVE-2025-64505 libpng: LIBPNG heap buffer overflow via malformed palette index2025-11-25