VulnerableCode Package Details - pkg:alpm/archlinux/gd@2.3.3-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/gd@2.3.3-1

Essentials
History (3)

purl	pkg:alpm/archlinux/gd@2.3.3-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-g3zj-r8ag-a7ej	read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.	CVE-2021-38115
VCID-qqe4-4aja-j7dz	gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes.	CVE-2021-40145
VCID-s83u-wk4f-wkfd	The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.	CVE-2021-40812

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:26:34.242480+00:00	Arch Linux Importer	Fixing	VCID-g3zj-r8ag-a7ej	https://security.archlinux.org/AVG-2258	38.0.0
2026-04-01T18:26:34.220752+00:00	Arch Linux Importer	Fixing	VCID-qqe4-4aja-j7dz	https://security.archlinux.org/AVG-2258	38.0.0
2026-04-01T18:26:34.197219+00:00	Arch Linux Importer	Fixing	VCID-s83u-wk4f-wkfd	https://security.archlinux.org/AVG-2258	38.0.0