{ "schema_version": "1.7.0", "id": "RHSA-2026:4728", "related": [], "upstream": [ "CVE-2026-22695", "CVE-2026-22801", "CVE-2026-25646" ], "published": "2026-03-18T11:20:17Z", "modified": "2026-04-04T10:06:20Z", "summary": "Red Hat Security Advisory: libpng security update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "affected": [ { "package": { "name": "libpng", "ecosystem": "Red Hat:enterprise_linux:8::baseos", "purl": "pkg:rpm/redhat/libpng" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:1.6.34-10.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libpng-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::baseos", "purl": "pkg:rpm/redhat/libpng-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:1.6.34-10.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libpng-debugsource", "ecosystem": "Red Hat:enterprise_linux:8::baseos", "purl": "pkg:rpm/redhat/libpng-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:1.6.34-10.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libpng-devel", "ecosystem": "Red Hat:enterprise_linux:8::baseos", "purl": "pkg:rpm/redhat/libpng-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:1.6.34-10.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libpng-devel-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::baseos", "purl": "pkg:rpm/redhat/libpng-devel-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:1.6.34-10.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libpng-tools-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::baseos", "purl": "pkg:rpm/redhat/libpng-tools-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:1.6.34-10.el8_10" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:4728" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428824" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428825" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438542" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4728.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22695" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22695" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22695" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/e4f7ad4ea2" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/778" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-mmq5-27w3-rxpp" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22801" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22801" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22801" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-25646" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-25646" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25646" }, { "type": "ARTICLE", "url": "http://www.openwall.com/lists/oss-security/2026/02/09/7" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/01d03b8453eb30ade759cd45c707e5a1c7277d88" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-g8hp-mq4h-rqm3" } ] }