VYPR

GD extension

by HHVM

Source repositories

CVEs (2)

  • CVE-2019-11926CriSep 6, 2019
    risk 0.00cvss 9.8epss 0.02

    Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all versions between 4.0.0 and 4.8.3,…

  • CVE-2019-11925CriSep 6, 2019
    risk 0.00cvss 9.8epss 0.02

    Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all versions between 4.0.0 and 4.8.3, all…