Filtered by vendor Libgd Subscriptions
Total 39 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-40812 1 Libgd 1 Libgd 2024-10-29 6.5 Medium
The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.
CVE-2019-11038 8 Canonical, Debian, Fedoraproject and 5 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2024-09-16 5.3 Medium
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
CVE-2007-3473 2 Libgd, Redhat 2 Gd Graphics Library, Enterprise Linux 2024-08-07 N/A
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
CVE-2007-3474 1 Libgd 1 Gd Graphics Library 2024-08-07 N/A
Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors.
CVE-2007-3472 2 Libgd, Redhat 2 Gd Graphics Library, Enterprise Linux 2024-08-07 N/A
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
CVE-2007-3477 1 Libgd 1 Gd Graphics Library 2024-08-07 N/A
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
CVE-2007-2756 2 Libgd, Redhat 3 Libgd, Enterprise Linux, Rhel Application Stack 2024-08-07 N/A
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
CVE-2009-3546 3 Libgd, Php, Redhat 3 Gd Graphics Library, Php, Enterprise Linux 2024-08-07 N/A
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.
CVE-2013-7456 3 Libgd, Php, Redhat 3 Libgd, Php, Rhel Software Collections 2024-08-06 N/A
gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.
CVE-2014-9709 6 Canonical, Debian, Libgd and 3 more 7 Ubuntu Linux, Debian Linux, Libgd and 4 more 2024-08-06 N/A
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.
CVE-2015-8877 3 Libgd, Php, Redhat 3 Libgd, Php, Rhel Software Collections 2024-08-06 N/A
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
CVE-2016-10167 2 Libgd, Redhat 3 Libgd, Enterprise Linux, Rhel Software Collections 2024-08-06 N/A
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2016-10168 2 Libgd, Redhat 3 Libgd, Enterprise Linux, Rhel Software Collections 2024-08-06 N/A
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
CVE-2016-10166 2 Libgd, Redhat 2 Libgd, Rhel Software Collections 2024-08-06 N/A
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
CVE-2016-9933 3 Libgd, Php, Redhat 3 Libgd, Php, Rhel Software Collections 2024-08-06 N/A
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
CVE-2016-9317 1 Libgd 1 Libgd 2024-08-06 N/A
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
CVE-2016-8670 2 Libgd, Php 2 Libgd, Php 2024-08-06 N/A
Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.
CVE-2016-7568 3 Debian, Libgd, Php 3 Debian Linux, Libgd, Php 2024-08-06 N/A
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
CVE-2016-6911 1 Libgd 1 Libgd 2024-08-06 N/A
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
CVE-2016-6912 1 Libgd 1 Libgd 2024-08-06 N/A
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.