CVE-2021-40145 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | ** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes." |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2258 | gd | 2.3.2-4 | 2.3.3-1 | Medium | Fixed |
| References |
|---|
https://github.com/libgd/libgd/issues/700 https://github.com/libgd/libgd/pull/713 https://github.com/libgd/libgd/commit/e95059590fadaabd9aadc0c0489804d75a3c5d52 |