Vulmon
libgd libgd vulnerabilities and exploits
6.5
CVSSv3
CVE-2021-40812
The GD Graphics Library (aka LibGD) up to and including 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.
Libgd Libgd
2 Github repositories
7.5
CVSSv3
CVE-2021-40145
gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) up to and including 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used fo...
Libgd Libgd
6.5
CVSSv3
CVE-2021-38115
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) up to and including 2.3.2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA file.
Libgd Libgd
2 Github repositories
8.1
CVSSv3
CVE-2017-6363
In the GD Graphics Library (aka LibGD) up to and including 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and s...
Libgd Libgd
7.5
CVSSv3
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 up to and including 2.2.5 has a NULL pointer dereference allowing malicious users to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Libgd Libgd
Libgd Libgd 2.1.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2016-1000104
A security bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.
Apache Mod Fcgid
Opensuse Leap 42.1
Opensuse Opensuse 13.2
5.3
CVSSv3
CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o...
Libgd Libgd 2.2.5
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 32
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Desktop 12
Opensuse Leap 15.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
9.8
CVSSv3
CVE-2019-6978
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
Libgd Libgd 2.2.5
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
8.8
CVSSv3
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1, has a heap-based buffer overflow. This can be exploited by an ...
Libgd Libgd 2.2.5
Php Php 7.3.0
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Storage Automation Store
1 EDB exploit
8.8
CVSSv3
CVE-2018-1000222
Libgd version 2.2.5 contains a double free vulnerability in the gdImageBmpPtr function that can result in remote code execution. This attack appears to be exploitable via a specially crafted JPEG image that can trigger the double free. This vulnerability appears to have been fixed...
Libgd Libgd 2.2.5
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0