CVE-2025-64506Out-of-bounds Read in Libpng

CWE-125Out-of-bounds Read9 documents8 sources
Severity
6.1MEDIUMNVD
EPSS
0.0%
top 92.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LibpngPnggroup Libpng
Timeline
PublishedNov 25
Latest updateDec 11

Description

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit inp

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages2 packages

NVDlibpng/libpng1.6.01.6.51
CVEListV5pnggroup/libpng>= 1.6.0, < 1.6.51

Patches

Patch: github.com

🔴Vulnerability Details

3
OSV
libpng1.6 vulnerabilities2025-12-11
OSV
CVE-2025-64506: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files2025-11-25
CVEList
LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images2025-11-24

📋Vendor Advisories

4
Ubuntu
libpng vulnerabilities2025-12-11
Red Hat
libpng: LIBPNG heap buffer over-read2025-11-24
Microsoft
LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images2025-11-11
Debian
CVE-2025-64506: libpng1.6 - LIBPNG is a reference library for use in applications that read, create, and man...2025

💬Community

1
Bugzilla
CVE-2025-64506 libpng: LIBPNG heap buffer over-read2025-11-25