{ "schema_version": "1.7.0", "id": "RHSA-2026:6732", "related": [], "upstream": [ "CVE-2025-28162", "CVE-2025-28164", "CVE-2025-64505", "CVE-2025-64506", "CVE-2025-64720", "CVE-2025-65018", "CVE-2025-66293", "CVE-2026-3713", "CVE-2026-22695", "CVE-2026-22801", "CVE-2026-25646", "CVE-2026-33416", "CVE-2026-33636" ], "published": "2026-04-20T10:10:48Z", "modified": "2026-04-23T10:13:19Z", "summary": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "affected": [ { "package": { "name": "libpng", "ecosystem": "Red Hat:hummingbird:1", "purl": "pkg:rpm/redhat/libpng" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.6.56-1.hum1" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:6732" }, { "type": "ARTICLE", "url": "https://images.redhat.com/" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-65018" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-64720" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-64506" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-64505" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22801" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22695" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-28164" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-28162" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-33636" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-33416" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-66293" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-3713" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-25646" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6732.json" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433407" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-28162" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-28162" }, { "type": "ARTICLE", "url": "https://gist.github.com/kittener/fbfdb9b5610c6b3db0d5dea045a07c60" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/656" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433398" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-28164" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-28164" }, { "type": "ARTICLE", "url": "https://gist.github.com/kittener/506516f8c22178005b4379c8b2a7de20" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/655" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416905" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-64505" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64505" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/6a528eb5fd0dd7f6de1c39d30de0e41473431c37" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/pull/748" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-4952-h5wq-4m42" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416906" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-64506" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64506" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/2bd84c019c300b78e811743fbcddb67c9d9bf821" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/pull/749" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-qpr4-xm66-hww6" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-64720" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/686" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/pull/751" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/755" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/pull/757" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/764" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445566" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-3713" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3713" }, { "type": "ARTICLE", "url": "https://github.com/biniamf/pocs/tree/main/pnm2png" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/794" }, { "type": "ARTICLE", "url": "https://vuldb.com/?ctiid.349658" }, { "type": "ARTICLE", "url": "https://vuldb.com/?id.349658" }, { "type": "ARTICLE", "url": "https://vuldb.com/?submit.761996" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428825" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22695" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22695" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/e4f7ad4ea2" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/issues/778" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-mmq5-27w3-rxpp" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428824" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22801" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22801" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438542" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-25646" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25646" }, { "type": "ARTICLE", "url": "http://www.openwall.com/lists/oss-security/2026/02/09/7" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/01d03b8453eb30ade759cd45c707e5a1c7277d88" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-g8hp-mq4h-rqm3" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451805" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-33416" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33416" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/pull/824" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451819" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-33636" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33636" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3" }, { "type": "ARTICLE", "url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2" } ] }