rpm package
opensuse/gd&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gd&distro=openSUSE%20Tumbleweed
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-2497 | — | < 2.2.3-2.1 | 2.2.3-2.1 | Mar 21, 2014 | The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. | ||
| CVE-2007-2756 | — | < 2.3.3-1.1 | 2.3.3-1.1 | May 18, 2007 | The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. |
- CVE-2014-2497Mar 21, 2014affected < 2.2.3-2.1fixed 2.2.3-2.1
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
- CVE-2007-2756May 18, 2007affected < 2.3.3-1.1fixed 2.3.3-1.1
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Page 2 of 2