Threats Tagged 'cve-2025-64720'

This Red Hat security advisory addresses multiple vulnerabilities affecting Red Hat Hardened Images RPM packages, including libpng versions 1. 6. 56-1. hum1 for aarch64 and x86_64 architectures. The update includes bug fixes and enhancements for these RPMs. The advisory references a total of 13 CVEs, including CVE-2025-28162 and others, with associated CWEs such as buffer overflow and out-of-bounds read/write issues. No known exploits in the wild have been reported. Patch status is not explicitly confirmed in the provided data. The advisory is categorized as a high severity vulnerability update.

CVE-2024-5642 concerns Red Hat Discovery, a tool that inspects and reports environment data such as system counts, operating systems, and configuration details within a network. The advisory identifies this as a high-severity vulnerability affecting multiple Red Hat Discovery versions and related products. The vendor advisory does not indicate any available patches or fixes at this time. No known exploits are reported in the wild. The vulnerability is part of a broader advisory covering multiple CVEs related to Red Hat Discovery and subscription management tools.

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.

HighVulnerabilityGermanyFranceUnited Kingdom+7#cve#cve-2025-64720#cwe-125