WhisperX tag archive

#CVE-2025-65018

This page collects WhisperX intelligence signals tagged #CVE-2025-65018. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.

Latest Signals (2)

The Lab · 2026-03-30 05:27:02 · GitHub Issues

1. High-Severity Vulnerability in RHEL 9 Java 17 OpenJDK Headless: libpng Heap Buffer Overflow Can Lead to Remote Code Execution

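The `java-17-openjdk-headless` package bundled with Red Hat Enterprise Linux 9 (RHEL 9) contains a high-severity security vulnerability that stems from its integration of a flawed libpng library. The vulnerability (CVE-2025-65018) is a heap buffer overflow in the libpng simplified API function `png_image_finish_read`. Using a specially crafted interlaced PNG image file, an attacker can trigger a heap write beyond the bounds of the allocated buffer when a 16-bit interlaced PNG is processed and converted to an 8-bit output format. This opens the door to remote code execution. The vulnerability affects libpng versions 1.6.0 through 1.6.50. Red Hat has, through security advisory RHS...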

The Lab · 2026-04-06 05:26:58 · GitHub Issues

2. Critical Heap Buffer Overflow in RHEL 9 Java Package (CVE-2025-65018) - Libpng Vulnerability Patched

A critical heap buffer overflow vulnerability, tracked as CVE-2025-65018, has been patched in the `java-17-openjdk-headless` package for Red Hat Enterprise Linux 9. The flaw originates in the upstream libpng library, a core component for processing PNG image files. Specifically, versions 1.6.0 through 1.6.50 of libpng ...