Published: 26/08/2021 Updated: 11/04/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) up to and including 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libgd libgd

** DISPUTED ** gdImageGd2Ptr in gd_gd2c in the GD Graphics Library (aka LibGD) through 232 has a double free NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd It has to be regarded as being obsolete, and should only be used for development and testing purposes" (CVE-2021-40145) ...

** DISPUTED ** gdImageGd2Ptr in gd_gd2c in the GD Graphics Library (aka LibGD) through 232 has a double free NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd It has to be regarded as being obsolete, and should only be used for development and testing purposes" ...

CWE-415 https://github.com/libgd/libgd/pull/713 https://github.com/libgd/libgd/issues/700 https://github.com/libgd/libgd/commit/c5fd25ce0e48fd5618a972ca9f5e28d6d62006af https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2044.html

CVE-2021-40145

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect