Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10167 | 1 Libgd | 1 Libgd | 2018-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |||||
| CVE-2016-10168 | 1 Libgd | 1 Libgd | 2018-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. | |||||
| CVE-2016-9933 | 2 Libgd, Php | 2 Libgd, Php | 2018-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value. | |||||
| CVE-2016-5767 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. | |||||
| CVE-2015-8877 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. | |||||
| CVE-2013-7456 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-04 | 6.8 MEDIUM | 7.6 HIGH |
| gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. | |||||
| CVE-2016-6912 | 1 Libgd | 1 Libgd | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values. | |||||
| CVE-2016-10166 | 1 Libgd | 1 Libgd | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. | |||||
| CVE-2016-6906 | 1 Libgd | 1 Libgd | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer. | |||||
| CVE-2016-6911 | 1 Libgd | 1 Libgd | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. | |||||
| CVE-2016-8670 | 2 Libgd, Php | 2 Libgd, Php | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call. | |||||
| CVE-2016-9317 | 1 Libgd | 1 Libgd | 2017-11-03 | 7.1 HIGH | 5.5 MEDIUM |
| The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. | |||||
| CVE-2007-2756 | 1 Libgd | 1 Libgd | 2017-10-10 | 4.3 MEDIUM | N/A |
| The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. | |||||
| CVE-2017-6362 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2017-09-13 | 5.0 MEDIUM | 7.5 HIGH |
| Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. | |||||