VYPR

Vendor CVEs

Libgd

All CVEs

66 total · sorted by risk
  • CVE-2024-23947May 28, 2024
    risk 0.00cvss epss 0.01

    Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the…

  • CVE-2024-24584May 28, 2024
    risk 0.00cvss epss 0.01

    Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.This vulnerabilitty concerns the`readMSH`…

  • CVE-2024-24583May 28, 2024
    risk 0.00cvss epss 0.01

    Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.This vulnerabilitty concerns the`readMSH`…

  • CVE-2024-22181May 28, 2024
    risk 0.00cvss epss 0.00

    An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2021-40812Sep 8, 2021
    risk 0.00cvss epss 0.02

    The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.

  • CVE-2021-40145Aug 26, 2021
    risk 0.00cvss epss 0.02

    gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and…

  • CVE-2021-38115Aug 4, 2021
    risk 0.00cvss epss 0.02

    read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

  • CVE-2017-6363Feb 27, 2020
    risk 0.00cvss epss 0.01

    In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used…

  • CVE-2018-14553Feb 11, 2020
    risk 0.00cvss epss 0.03

    gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).

  • CVE-2019-6978Jan 28, 2019
    risk 0.00cvss epss 0.04

    The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.

  • CVE-2007-3476Jun 28, 2007
    risk 0.00cvss epss 0.02

    Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

  • CVE-2007-3475Jun 28, 2007
    risk 0.00cvss epss 0.02

    The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.

  • CVE-2007-3474Jun 28, 2007
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors.

  • CVE-2007-3478Jun 28, 2007
    risk 0.00cvss epss 0.02

    Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

  • CVE-2007-3477Jun 28, 2007
    risk 0.00cvss epss 0.05

    The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

  • CVE-2007-2756May 18, 2007
    risk 0.00cvss epss 0.04

    The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.

Page 2 of 2