Libpng · Libpng · CVE-2009-2042
**Name of the Vulnerable Software and Affected Versions**
libpng versions prior to 1.2.37
**Description**
libpng improperly parses 1-bit interlaced images whose width is not divisible by 8. As a result, libpng can include uninitialized bits in certain rows of a PNG file, potentially allowing remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file. The vulnerability may lead to a breach of confidentiality of protected information and can be exploited remotely.
**Recommendations**
For libpng versions prior to 1.2.37, update to version 1.2.37 or later to resolve the issue.
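The following triage check is an added example, not code from libpng or from this advisory. It reads a PNG's IHDR chunk and reports whether the image falls in the class described above (bit depth 1, interlaced, width not divisible by 8), and it compares a libpng version number against the fixed release. The function names and sample headers are hypothetical and constructed for illustration; the version integer is assumed to use libpng's `PNG_LIBPNG_VER` encoding.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: PNG signature + IHDR (CRC omitted), 13x4, 1-bit, interlaced. */
static const unsigned char sample_hit[29] = {
    0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n', 0, 0, 0, 13, 'I', 'H', 'D', 'R',
    0, 0, 0, 13, 0, 0, 0, 4, 1, 0, 0, 0, 1};
/* Constructed sample: same header with width 16 (divisible by 8). */
static const unsigned char sample_miss[29] = {
    0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n', 0, 0, 0, 13, 'I', 'H', 'D', 'R',
    0, 0, 0, 16, 0, 0, 0, 4, 1, 0, 0, 0, 1};

/* Read a big-endian 32-bit value, the byte order PNG uses for all integers. */
static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Returns 1 if the IHDR matches the image class in the advisory (bit depth 1,
 * interlaced, width not divisible by 8), 0 if not, -1 if not a parseable PNG. */
int png_matches_advisory(const unsigned char *buf, size_t len) {
    static const unsigned char sig[8] = {0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n'};
    /* signature(8) + chunk length(4) + chunk type(4) + IHDR data(13) = 29 bytes */
    if (buf == NULL || len < 29 || memcmp(buf, sig, 8) != 0)
        return -1;
    if (be32(buf + 8) != 13 || memcmp(buf + 12, "IHDR", 4) != 0)
        return -1;
    /* IHDR data: width at 16, height at 20, bit depth at 24, interlace at 28. */
    return buf[24] == 1 && buf[28] == 1 && (be32(buf + 16) % 8) != 0;
}

/* PNG_LIBPNG_VER encodes the version as major*10000 + minor*100 + release, so
 * the fixed release 1.2.37 is 10237. Returns 1 if the version predates it. */
int libpng_predates_fix(unsigned long png_ver) { return png_ver < 10237UL; }

int main(void) {
    printf("13px wide, 1-bit, interlaced: %d\n",
           png_matches_advisory(sample_hit, sizeof sample_hit));
    printf("16px wide, 1-bit, interlaced: %d\n",
           png_matches_advisory(sample_miss, sizeof sample_miss));
    printf("1.2.36 predates fix: %d\n", libpng_predates_fix(10236UL));
    return 0;
}
```

A match only means the file exercises the affected decoding path; such images are valid PNGs, so the check is useful for selecting regression inputs and prioritising hosts that still run a pre-1.2.37 build.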