DEBIAN-CVE-2026-34757

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2026-34757

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-34757.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2026-34757

Upstream

CVE-2026-34757

Published

2026-04-09T15:16:11.003Z

Modified

2026-05-14T09:00:13.998065040Z

Severity

4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same pngstruct/pnginfo pair causes the setter to read from freed memory and copy its contents into the replacement buffer. The setter frees the internal buffer before copying from the caller-supplied pointer, which now dangles. The freed region may contain stale data (producing silently corrupted chunk metadata) or data from subsequent heap allocations (leaking unrelated heap contents into the chunk struct). This vulnerability is fixed in 1.6.57.

References

https://security-tracker.debian.org/tracker/CVE-2026-34757

Affected packages

Debian:11 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source&distro=bullseye

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.37-3+deb11u4

Affected versions

1.*

1.6.37-3

1.6.37-3+deb11u1

1.6.37-3+deb11u2

1.6.37-3+deb11u3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-34757.json"

Debian:12 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source&distro=bookworm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.39-2+deb12u5

Affected versions

1.*

1.6.39-2

1.6.39-2+deb12u1

1.6.39-2+deb12u2

1.6.39-2+deb12u3

1.6.39-2+deb12u4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-34757.json"

Debian:13 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source&distro=trixie

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.48-1+deb13u5

Affected versions

1.*

1.6.48-1

1.6.48-1+deb13u1

1.6.48-1+deb13u2

1.6.48-1+deb13u3

1.6.48-1+deb13u4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-34757.json"

Debian:14 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source&distro=forky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.57-1

Affected versions

1.*

1.6.48-1

1.6.49-1~exp1

1.6.50-1~exp1

1.6.50-1

1.6.51-1

1.6.52-1

1.6.53-1

1.6.54-1

1.6.55-1

1.6.56-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-34757.json"