VYPR

rpm package

suse/gd&distro=SUSE Linux Enterprise Server 11 SP4

pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Vulnerabilities (8)

  • CVE-2018-5711MedJan 16, 2018
    affected < 2.0.36.RC1-52.33.5.1fixed 2.0.36.RC1-52.33.5.1

    gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatef

  • CVE-2016-10168HigMar 15, 2017
    affected < 2.0.36.RC1-52.32.1fixed 2.0.36.RC1-52.32.1

    Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.

  • CVE-2016-10167MedMar 15, 2017
    affected < 2.0.36.RC1-52.32.1fixed 2.0.36.RC1-52.32.1

    The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.

  • CVE-2016-9317MedJan 26, 2017
    affected < 2.0.36.RC1-52.32.1fixed 2.0.36.RC1-52.32.1

    The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.

  • CVE-2016-6911MedJan 26, 2017
    affected < 2.0.36.RC1-52.25.1fixed 2.0.36.RC1-52.25.1

    The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.

  • CVE-2016-9933HigJan 4, 2017
    affected < 2.0.36.RC1-52.29.1fixed 2.0.36.RC1-52.29.1

    Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefi

  • CVE-2016-8670CriJan 4, 2017
    affected < 2.0.36.RC1-52.25.1fixed 2.0.36.RC1-52.25.1

    Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspe

  • CVE-2016-6161MedAug 12, 2016
    affected < 2.0.36.RC1-52.22.1fixed 2.0.36.RC1-52.22.1

    The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.