Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libgd libgd 2.2.5 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-6363
In the GD Graphics Library (aka LibGD) up to and including 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and s...
Libgd Libgd
7.5
CVSSv3
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 up to and including 2.2.5 has a NULL pointer dereference allowing malicious users to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Libgd Libgd
Libgd Libgd 2.1.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Opensuse Leap 15.1
5.3
CVSSv3
CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o...
Libgd Libgd 2.2.5
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 32
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Desktop 12
Opensuse Leap 15.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
9.8
CVSSv3
CVE-2019-6978
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
Libgd Libgd 2.2.5
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
8.8
CVSSv3
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1, has a heap-based buffer overflow. This can be exploited by an ...
Libgd Libgd 2.2.5
Php Php 7.3.0
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Storage Automation Store
1 EDB exploit
8.8
CVSSv3
CVE-2018-1000222
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed...
Libgd Libgd 2.2.5
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6362
Double free vulnerability in the gdImagePngPtr function in libgd2 prior to 2.2.5 allows remote malicious users to cause a denial of service via vectors related to a palette with no colors.
Libgd Libgd 2.2.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 26
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started