MGASA-2015-0451

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2015-8126

Published: 19 Nov 2015, 22:08

Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Nov 2015, 22:08

Published

Vulnerability first disclosed

16 Apr 2026, 06:25

Last Modified

Vulnerability information updated

Description

Updated libpng/libpng12 packages fix security vulnerability Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions in libpng before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image (CVE-2015-8126). This issue also affected libpng 1.2 before 1.2.54. The libpng and libpng12 packages have been updated to versions 1.6.19 and 1.2.54, respectively, fixing this issue.

Affected Systems

mageia•libpng
< 1.6.19-1.mga5
mageia•libpng12
< 1.2.54-1.mga5

MGASA-2015-0451

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)