CLSA-2025-1766135952

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766135952.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1766135952
Upstream
Published
2025-12-19T10:09:12Z
Modified
2026-05-27T11:18:16.871118938Z
Summary
libpng: Fix of CVE-2025-64505
Details
  • CVE-2025-64505: fix heap buffer over-read vulnerability in pngdoquantize function by validating palette_lookup array bounds
References

Affected packages

TuxCare:OracleLinux:7 / libpng

Package

Name
libpng
Purl
pkg:rpm/tuxcare/libpng?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.5.13-8.el7.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766135952.json"

TuxCare:OracleLinux:7 / libpng-devel

Package

Name
libpng-devel
Purl
pkg:rpm/tuxcare/libpng-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.5.13-8.el7.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766135952.json"

TuxCare:OracleLinux:7 / libpng-static

Package

Name
libpng-static
Purl
pkg:rpm/tuxcare/libpng-static?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.5.13-8.el7.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766135952.json"