| CVE-2021-40812 |
AVG-2258 |
Medium |
Yes |
Information disclosure |
The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks. |
| CVE-2021-40145 |
AVG-2258 |
Medium |
Yes |
Arbitrary code execution |
** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2... |
| CVE-2021-38115 |
AVG-2258 |
Low |
Yes |
Denial of service |
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read)... |
| CVE-2019-6978 |
AVG-865 |
Critical |
Yes |
Arbitrary code execution |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. |
| CVE-2019-6977 |
AVG-865 |
Critical |
Yes |
Arbitrary code execution |
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before... |
| CVE-2018-1000222 |
AVG-865 |
Critical |
Yes |
Arbitrary code execution |
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack... |
| CVE-2018-5711 |
AVG-865 |
Medium |
Yes |
Denial of service |
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a... |