Vulnerabilities (CVE)

Vendor filter

Libgd Subscribe

Product filter

Libgd Subscribe

Filter

30 total CVE
CVE Vendors Products Updated CVSS
CVE-2014-9709 6 Libgd, Php, Novell and 3 more 6 Php, Libgd, Opensuse and 3 more 2019-10-09 5.0
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is...
CVE-2018-15879 1 Libgd 1 Libgd 2019-06-24 7.5
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All references and...
CVE-2018-15878 1 Libgd 1 Libgd 2019-06-24 7.5
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All references and...
CVE-2016-5766 5 Freebsd, Debian, Libgd and 2 more 6 Debian Linux, Openshift, Enterprise Linux and 3 more 2019-04-22 6.8
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service...
CVE-2019-6977 5 Libgd, Php, Debian and 2 more 5 Libgd, Php, Debian Linux and 2 more 2019-04-10 6.8
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow....
CVE-2016-7568 3 Libgd, Php, Debian 3 Libgd, Php, Debian Linux 2019-03-07 7.5
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have...
CVE-2018-1000222 3 Libgd, Canonical, Debian 3 Libgd, Ubuntu Linux, Debian Linux 2019-03-05 6.8
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This...
CVE-2016-6128 5 Debian, Libgd, Novell and 2 more 5 Debian Linux, Leap, Libgd and 2 more 2019-03-05 5.0
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
CVE-2019-6978 3 Libgd, Debian, Canonical 3 Libgd, Debian Linux, Ubuntu Linux 2019-03-01 7.5
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
CVE-2016-6905 3 Libgd, Novell, Opensuse 5 Leap, Libgd, Opensuse and 2 more 2018-10-30 4.3
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
CVE-2016-6214 4 Debian, Libgd, Novell and 1 more 4 Debian Linux, Leap, Libgd and 1 more 2018-10-30 4.3
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
CVE-2016-5116 4 Debian, Libgd, Novell and 1 more 4 Debian Linux, Leap, Libgd and 1 more 2018-10-30 6.4
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based...
CVE-2016-6132 4 Debian, Libgd, Novell and 1 more 4 Debian Linux, Leap, Libgd and 1 more 2018-10-30 4.3
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
CVE-2016-6161 4 Debian, Libgd, Novell and 1 more 4 Debian Linux, Leap, Libgd and 1 more 2018-10-30 4.3
The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
CVE-2016-6207 4 Debian, Libgd, Novell and 1 more 4 Debian Linux, Leap, Libgd and 1 more 2018-10-30 4.3
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.
CVE-2016-3074 2 Debian, Libgd 2 Debian Linux, Libgd 2018-10-09 7.5
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.
CVE-2016-9933 1 Libgd 1 Libgd 2018-05-04 5.0
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service...
CVE-2016-10168 1 Libgd 1 Libgd 2018-05-04 6.8
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
CVE-2016-10167 1 Libgd 1 Libgd 2018-05-04 4.3
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2016-5767 1 Libgd 1 Libgd 2018-01-05 6.8
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service...