Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libgd
(Libgd)| Repositories |
• https://github.com/libgd/libgd
• https://github.com/php/php-src |
| #Vulnerabilities | 34 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-27 | CVE-2017-6363 | In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.' | Libgd | 8.1 | ||
| 2021-08-26 | CVE-2021-40145 | gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes. | Libgd | 7.5 | ||
| 2020-02-11 | CVE-2018-14553 | gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | Ubuntu_linux, Debian_linux, Fedora, Libgd, Leap | 7.5 |