Bug 2445566 (CVE-2026-3713) - CVE-2026-3713 libpng: libpng: Heap-based buffer overflow in pnm2png allows information disclosure and denial of service
Summary: CVE-2026-3713 libpng: libpng: Heap-based buffer overflow in pnm2png allows in...
Keywords:
Status: NEW
Alias: CVE-2026-3713
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL: https://github.com/pnggroup/libpng/is...
Whiteboard:
Depends On: 2445665 2445666 2445667 2445668 2445671 2445672 2445673 2445674 2445675 2445676 2445677 2445678 2445679 2445682 2445669 2445670 2445680 2445681
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-03-08 07:01 UTC by OSIDB Bzimport
Modified: 2026-03-27 06:26 UTC (History)
24 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2026-03-08 07:01:18 UTC 
A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Note You need to log in before you can comment on or make changes to this bug.