CVE-2025-65018
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-65018
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-65018.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-65018
- Aliases
-
- GHSA-7wv6-48j4-hj3g
- Downstream
- Published
- 2025-11-24T23:50:18.294Z
- Modified
- 2025-11-27T19:35:13.638174Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVSS Calculator
- Summary
- LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`
- Details
-
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function pngimagefinish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2025/65xxx/CVE-2025-65018.json", "cwe_ids": [ "CWE-122", "CWE-787" ], "cna_assigner": "GitHub_M" }- References
-
- https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d
- https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea
- https://github.com/pnggroup/libpng/issues/755
- https://github.com/pnggroup/libpng/pull/757
- https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g
Affected packages
Git / github.com/pnggroup/libpng
Affected versions
libpng-1.*
libpng-1.6.10-signed
libpng-1.6.11-signed
libpng-1.6.12-signed
libpng-1.6.13-signed
libpng-1.6.14-signed
libpng-1.6.15-master-signed
libpng-1.6.15-signed
libpng-1.6.16-master-signed
libpng-1.6.16-signed
libpng-1.6.17-master-signed
libpng-1.6.17-signed
libpng-1.6.18-master-signed
libpng-1.6.18-signed
libpng-1.6.2-signed
libpng-1.6.20-master-signed
libpng-1.6.20-signed
libpng-1.6.21-master-signed
libpng-1.6.21-signed
libpng-1.6.23-signed
libpng-1.6.24-master-signed
libpng-1.6.24-signed
libpng-1.6.25-master-signed
libpng-1.6.25-signed
libpng-1.6.26-master-signed
libpng-1.6.26-signed
libpng-1.6.28-signed
libpng-1.6.29-master-signed
libpng-1.6.29-signed
libpng-1.6.3-signed
libpng-1.6.30-master-signed
libpng-1.6.30-signed
libpng-1.6.31-master-signed
libpng-1.6.31-signed
libpng-1.6.4-signed
libpng-1.6.7-signed
libpng-1.6.8-signed
libpng-1.6.9-signed
v1.*
v1.2.10
v1.2.10rc2
v1.2.10rc3
v1.2.11
v1.2.11beta1
v1.2.11beta2
v1.2.11beta2cos
v1.2.11beta3
v1.2.11beta4
v1.2.11rc1
v1.2.11rc2
v1.2.11rc3
v1.2.11rc5
v1.2.12
v1.2.13
v1.2.13beta1
v1.2.13rc1
v1.2.13rc2
v1.2.14
v1.2.14beta1
v1.2.14beta2
v1.2.14rc1
v1.2.15
v1.2.15beta1
v1.2.15beta2
v1.2.15beta3
v1.2.15beta4
v1.2.15beta5
v1.2.15beta6
v1.2.15rc1
v1.2.15rc2
v1.2.15rc3
v1.2.15rc4
v1.2.15rc5
v1.2.16
v1.2.16beta1
v1.2.16beta2
v1.2.16rc1
v1.2.17
v1.2.17beta1
v1.2.17beta2
v1.2.17rc1
v1.2.17rc2
v1.2.17rc3
v1.2.17rc4
v1.2.18
v1.2.19
v1.2.19beta1
v1.2.19beta10
v1.2.19beta11
v1.2.19beta12
v1.2.19beta13
v1.2.19beta14
v1.2.19beta15
v1.2.19beta16
v1.2.19beta17
v1.2.19beta18
v1.2.19beta19
v1.2.19beta2
v1.2.19beta20
v1.2.19beta21
v1.2.19beta22
v1.2.19beta23
v1.2.19beta24
v1.2.19beta25
v1.2.19beta26
v1.2.19beta27
v1.2.19beta28
v1.2.19beta29
v1.2.19beta3
v1.2.19beta30
v1.2.19beta31
v1.2.19beta4
v1.2.19beta5
v1.2.19beta6
v1.2.19beta7
v1.2.19beta8
v1.2.19beta9
v1.2.19rc1
v1.2.19rc2
v1.2.19rc3
v1.2.19rc4
v1.2.19rc5
v1.2.19rc6
v1.2.20
v1.2.20beta01
v1.2.20beta02
v1.2.20beta03
v1.2.20beta04
v1.2.20rc1
v1.2.20rc2
v1.2.20rc3
v1.2.20rc4
v1.2.20rc5
v1.2.20rc6
v1.2.21
v1.2.21beta1
v1.2.21beta2
v1.2.21rc1
v1.2.21rc2
v1.2.21rc3
v1.2.22
v1.2.22beta1
v1.2.22beta2
v1.2.22beta3
v1.2.22beta4
v1.2.22rc1
v1.2.23
v1.2.23beta01
v1.2.23beta02
v1.2.23beta03
v1.2.23beta04
v1.2.23beta05
v1.2.23rc01
v1.2.24
v1.2.24beta01
v1.2.24beta02
v1.2.24rc01
v1.2.25
v1.2.25beta01
v1.2.25beta02
v1.2.25beta03
v1.2.25beta04
v1.2.25beta05
v1.2.25beta06
v1.2.25rc01
v1.2.25rc02
v1.2.26
v1.2.26beta01
v1.2.26beta02
v1.2.26beta03
v1.2.26beta04
v1.2.26beta05
v1.2.26beta06
v1.2.26rc01
v1.2.27
v1.2.27beta01
v1.2.27beta02
v1.2.27beta03
v1.2.27beta04
v1.2.27beta05
v1.2.27beta06
v1.2.27rc01
v1.2.28
v1.2.29
v1.2.29beta01
v1.2.29beta02
v1.2.29beta03
v1.2.29rc01
v1.2.30
v1.2.30beta01
v1.2.30beta02
v1.2.30beta03
v1.2.30beta04
v1.2.30rc01
v1.2.30rc02
v1.2.30rc03
v1.2.30rc04
v1.2.30rc05
v1.2.30rc06
v1.2.30rc07
v1.2.30rc08
v1.2.31
v1.2.31rc01
v1.2.31rc02
v1.2.31rc03
v1.2.32
v1.2.32beta01
v1.2.32rc01
v1.2.33
v1.2.33beta01
v1.2.33rc01
v1.2.33rc02
v1.2.34
v1.2.34beta01
v1.2.34beta02
v1.2.34beta03
v1.2.34beta04
v1.2.34beta05
v1.2.34beta06
v1.2.34beta07
v1.2.34rc01
v1.2.35
v1.2.35beta01
v1.2.35beta02
v1.2.35beta03
v1.2.35rc01
v1.2.35rc02
v1.2.36
v1.2.36beta01
v1.2.36beta02
v1.2.36beta03
v1.2.36beta04
v1.2.36beta05
v1.2.37
v1.2.37beta01
v1.2.37beta02
v1.2.37beta03
v1.2.37rc01
v1.2.38
v1.2.38beta01
v1.2.38rc01
v1.2.38rc02
v1.2.38rc03
v1.2.39
v1.2.39beta01
v1.2.39beta02
v1.2.39beta03
v1.2.39beta04
v1.2.39beta05
v1.2.39rc01
v1.2.40
v1.2.40beta01
v1.2.40rc01
v1.2.41
v1.2.41beta01
v1.2.41beta02
v1.2.41beta03
v1.2.41beta04
v1.2.41beta05
v1.2.41beta06
v1.2.41beta07
v1.2.41beta08
v1.2.41beta09
v1.2.41beta10
v1.2.41beta11
v1.2.41beta12
v1.2.41beta13
v1.2.41beta14
v1.2.41beta15
v1.2.41beta16
v1.2.41beta17
v1.2.41beta18
v1.2.41beta19
v1.2.41rc01
v1.2.41rc02
v1.2.41rc03
v1.2.42
v1.2.42beta01
v1.2.42beta02
v1.2.42rc01
v1.2.42rc02
v1.2.42rc03
v1.2.42rc04
v1.2.42rc05
v1.4.0
v1.4.1
v1.4.1beta01
v1.4.1beta02
v1.4.1beta03
v1.4.1beta04
v1.4.1beta05
v1.4.1beta06
v1.4.1beta07
v1.4.1beta08
v1.4.1beta09
v1.4.1beta10
v1.4.1beta11
v1.4.1beta12
v1.4.1rc01
v1.4.1rc02
v1.4.1rc03
v1.4.1rc04
v1.4.2
v1.4.2beta01
v1.4.2rc01
v1.4.2rc02
v1.4.2rc03
v1.4.2rc04
v1.4.2rc05
v1.4.2rc06
v1.4.3
v1.4.3beta01
v1.4.3beta02
v1.4.3beta04
v1.4.3beta05
v1.4.3rc01
v1.4.3rc02
v1.4.3rc03
v1.4.4
v1.4.4beta01
v1.4.4beta02
v1.4.4beta03
v1.4.4beta05
v1.4.4beta06
v1.4.4beta07
v1.4.4beta08
v1.4.4rc01
v1.4.4rc02
v1.4.4rc03
v1.4.4rc04
v1.4.4rc05
v1.4.5
v1.4.5beta01
v1.4.5beta02
v1.4.5beta03
v1.4.5beta04
v1.4.5beta06
v1.4.5rc01
v1.4.5rc02
v1.4.5rc03
v1.4.6
v1.4.6beta01
v1.4.6beta03
v1.4.6beta04
v1.4.6beta06
v1.4.6beta07
v1.4.6rc01
v1.4.6rc02
v1.4.7
v1.4.7rc01
v1.4.8
v1.4.8beta01
v1.4.8beta02
v1.4.8beta03
v1.4.8beta04
v1.4.8beta05
v1.4.8rc01
v1.5.7
v1.5.7beta05
v1.5.7rc01
v1.5.7rc02
v1.5.7rc03
v1.5.8beta01
v1.5.8rc02
v1.5.9
v1.5.9beta01
v1.5.9rc01
v1.6.0
v1.6.1
v1.6.10
v1.6.10beta01
v1.6.10beta02
v1.6.10rc01
v1.6.10rc02
v1.6.10rc03
v1.6.11
v1.6.11beta01
v1.6.11beta02
v1.6.11beta03
v1.6.11beta04
v1.6.11beta05
v1.6.11beta06
v1.6.11rc01
v1.6.11rc02
v1.6.12
v1.6.12rc01
v1.6.12rc02
v1.6.12rc03
v1.6.13
v1.6.13beta01
v1.6.13beta02
v1.6.13beta03
v1.6.13beta04
v1.6.13rc01
v1.6.14
v1.6.14beta01
v1.6.14beta02
v1.6.14beta03
v1.6.14beta04
v1.6.14beta05
v1.6.14beta06
v1.6.14beta07
v1.6.14rc01
v1.6.14rc02
v1.6.15
v1.6.15beta01
v1.6.15beta02
v1.6.15beta03
v1.6.15beta04
v1.6.15beta05
v1.6.15beta06
v1.6.15beta07
v1.6.15beta08
v1.6.15rc01
v1.6.15rc02
v1.6.15rc03
v1.6.16
v1.6.16beta01
v1.6.16beta02
v1.6.16beta03
v1.6.16rc01
v1.6.16rc02
v1.6.16rc03
v1.6.17
v1.6.17-master
v1.6.17beta01
v1.6.17beta02
v1.6.17beta03
v1.6.17beta04
v1.6.17beta05
v1.6.17rc01
v1.6.17rc02
v1.6.17rc03
v1.6.17rc04
v1.6.17rc05
v1.6.17rc06
v1.6.18
v1.6.18-master
v1.6.18beta01
v1.6.18beta02
v1.6.18beta03
v1.6.18beta04
v1.6.18beta05
v1.6.18beta06
v1.6.18beta07
v1.6.18beta08
v1.6.18beta09
v1.6.18rc01
v1.6.18rc02
v1.6.18rc03
v1.6.19
v1.6.19beta01
v1.6.19beta02
v1.6.19beta03
v1.6.19beta04
v1.6.19rc01
v1.6.19rc02
v1.6.19rc03
v1.6.19rc04
v1.6.1beta01
v1.6.1beta02
v1.6.1beta03
v1.6.1beta04
v1.6.1beta05
v1.6.1beta06
v1.6.1beta07
v1.6.1beta08
v1.6.1beta09
v1.6.1rc01
v1.6.2
v1.6.20beta01
v1.6.20beta02
v1.6.20beta03
v1.6.20rc01
v1.6.20rc02
v1.6.21
v1.6.21beta01
v1.6.21beta02
v1.6.21beta03
v1.6.21rc01
v1.6.21rc02
v1.6.22
v1.6.22beta01
v1.6.22beta02
v1.6.22beta03
v1.6.22beta04
v1.6.22beta05
v1.6.22beta06
v1.6.22rc01
v1.6.22rc02
v1.6.22rc03
v1.6.23
v1.6.23beta01
v1.6.23rc01
v1.6.23rc02
v1.6.24
v1.6.24beta01
v1.6.24beta02
v1.6.24beta03
v1.6.24beta04
v1.6.24beta05
v1.6.24beta06
v1.6.24rc01
v1.6.24rc02
v1.6.24rc03
v1.6.25
v1.6.25beta02
v1.6.25rc03
v1.6.25rc04
v1.6.26
v1.6.26beta01
v1.6.26beta02
v1.6.26beta03
v1.6.26beta04
v1.6.26beta05
v1.6.26beta06
v1.6.26rc01
v1.6.27
v1.6.27beta01
v1.6.27rc01
v1.6.28
v1.6.28rc01
v1.6.28rc02
v1.6.28rc03
v1.6.29
v1.6.29beta01
v1.6.29beta02
v1.6.29beta03
v1.6.29rc01
v1.6.2beta01
v1.6.2beta02
v1.6.2rc01
v1.6.2rc02
v1.6.2rc03
v1.6.2rc04
v1.6.2rc05
v1.6.2rc06
v1.6.3
v1.6.30
v1.6.30beta01
v1.6.30beta02
v1.6.30beta03
v1.6.30beta04
v1.6.30rc01
v1.6.31
v1.6.31beta01
v1.6.31beta02
v1.6.31beta03
v1.6.31beta04
v1.6.31beta05
v1.6.31beta06
v1.6.31beta07
v1.6.31rc01
v1.6.31rc02
v1.6.32
v1.6.32beta01
v1.6.32beta02
v1.6.32beta03
v1.6.32beta05
v1.6.32beta06
v1.6.32beta07
v1.6.32beta08
v1.6.32beta09
v1.6.32beta10
v1.6.32beta11
v1.6.32rc01
v1.6.32rc02
v1.6.33
v1.6.33beta01
v1.6.33beta02
v1.6.33beta03
v1.6.33rc01
v1.6.33rc02
v1.6.34
v1.6.35
v1.6.35beta01
v1.6.36
v1.6.37
v1.6.38
v1.6.39
v1.6.3beta01
v1.6.3beta02
v1.6.3beta03
v1.6.3beta04
v1.6.3beta05
v1.6.3beta06
v1.6.3beta07
v1.6.3beta08
v1.6.3beta09
v1.6.3beta10
v1.6.3rc01
v1.6.4
v1.6.40
v1.6.41
v1.6.42
v1.6.43
v1.6.44
v1.6.45
v1.6.46
v1.6.47
v1.6.48
v1.6.49
v1.6.4beta02
v1.6.4rc01
v1.6.5
v1.6.50
v1.6.6
v1.6.7
v1.6.7beta01
v1.6.7beta02
v1.6.7beta03
v1.6.7beta04
v1.6.7rc01
v1.6.7rc02
v1.6.8
v1.6.8beta01
v1.6.8beta02
v1.6.8rc02
v1.6.9
v1.6.9beta01
v1.6.9beta02
v1.6.9beta03
v1.6.9rc01
v1.6.9rc02
Database specific
vanir_signatures
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166375070723291529406421301066248769034",
"275647010778297936193963675511576832388",
"256826767335212246520616614652191899280",
"279336807821086835335477021495116274772",
"289998086382119027680343151146219735692",
"127562272222925286109814353033687270978",
"25813353444574047506367402039418644046",
"253582453789718568595455958296774742498"
]
},
"source": "https://github.com/pnggroup/libpng/commit/49363adcfaf098748d7a4c8c624ad8c45a8c3a86",
"deprecated": false,
"id": "CVE-2025-65018-547918c0",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "png.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"52540900908244694562855646578057113774",
"200219053898519147474761570586990540810",
"23871324486584156747326023564743243101",
"63048311541359152088830007041723625585"
]
},
"source": "https://github.com/pnggroup/libpng/commit/49363adcfaf098748d7a4c8c624ad8c45a8c3a86",
"deprecated": false,
"id": "CVE-2025-65018-6bf57c8e",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "pngtest.c"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"156580915294223224015440899088615326697",
"218405736567565762721805663647781263162",
"85662020663482796805838288188511316315",
"230686006833406113235008350425423979914",
"260919417129355689179955630465652050316",
"95506800799202743812829450076592490423"
]
},
"source": "https://github.com/pnggroup/libpng/commit/49363adcfaf098748d7a4c8c624ad8c45a8c3a86",
"deprecated": false,
"id": "CVE-2025-65018-9afdfcea",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "png.c"
}
},
{
"digest": {
"length": 481.0,
"function_hash": "308839484675692000161271595223156832928"
},
"source": "https://github.com/pnggroup/libpng/commit/49363adcfaf098748d7a4c8c624ad8c45a8c3a86",
"deprecated": false,
"id": "CVE-2025-65018-d048d988",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"function": "png_get_copyright",
"file": "png.c"
}
}
]