AVG-2258 log

Package gd
Status Fixed
Severity Medium
Type multiple issues
Affected 2.3.2-4
Fixed 2.3.3-1
Current 2.3.3-7 [extra]
Ticket None
Created Thu Aug 5 08:40:31 2021
Issue Severity Remote Type Description
CVE-2021-40812 Medium Yes Information disclosure
The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.
CVE-2021-40145 Medium Yes Arbitrary code execution
** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2...
CVE-2021-38115 Low Yes Denial of service
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read)...