CVE-2025-64720: Out-of-bounds Read in Libpng

CWE-125: Out-of-bounds Read (8 documents, 8 sources)

Severity: 7.1 HIGH (NVD)
EPSS: 0.1% (top 72.17%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline: Published Nov 25; Latest update Dec 11

Description

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 requ

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H (Exploitability: 2.8 | Impact: 4.2)

Affected Packages (2 packages)

NVD: libpng/libpng, introduced 1.6.0, fixed 1.6.51
CVEListV5: pnggroup/libpng >= 1.6.0, < 1.6.51

Patches

🔴 Vulnerability Details (2)

OSV: CVE-2025-64720: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files (2025-11-25)
CVEList: LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (2025-11-24)

📋 Vendor Advisories (4)

Ubuntu: libpng vulnerabilities (2025-12-11)
Red Hat: libpng: LIBPNG buffer overflow (2025-11-24)
Microsoft: LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (2025-11-11)
Debian: CVE-2025-64720: libpng1.6 - LIBPNG is a reference library for use in applications that read, create, and man... (2025)

💬 Community (1)

Bugzilla: CVE-2025-64720 libpng: LIBPNG buffer overflow (2025-11-25)