rpm package
suse/gd&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-40812 | — | < 2.1.0-24.20.1 | 2.1.0-24.20.1 | Sep 8, 2021 | The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks. | ||
| CVE-2018-14553 | — | < 2.1.0-24.17.1 | 2.1.0-24.17.1 | Feb 11, 2020 | gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | ||
| CVE-2019-11038 | — | < 2.1.0-24.17.1 | 2.1.0-24.17.1 | Jun 18, 2019 | When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o | ||
| CVE-2017-7890 | Med | 6.5 | < 2.1.0-24.17.1 | 2.1.0-24.17.1 | Aug 2, 2017 | The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 byte |
- CVE-2021-40812Sep 8, 2021affected < 2.1.0-24.20.1fixed 2.1.0-24.20.1
The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.
- CVE-2018-14553Feb 11, 2020affected < 2.1.0-24.17.1fixed 2.1.0-24.17.1
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
- CVE-2019-11038Jun 18, 2019affected < 2.1.0-24.17.1fixed 2.1.0-24.17.1
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o
- affected < 2.1.0-24.17.1fixed 2.1.0-24.17.1
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 byte