Search for packages
| purl | pkg:alpm/archlinux/gd@2.2.5-2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-huby-p431-aaap | gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. |
CVE-2018-5711
|
| VCID-ndqf-auts-aaaf | Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5. |
CVE-2018-1000222
|
| VCID-qg6r-qqzg-aaag | The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. |
CVE-2019-6978
|
| VCID-yrku-ufk1-aaaj | gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data. |
CVE-2019-6977
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:44:28.836048+00:00 | Arch Linux Importer | Fixing | VCID-ndqf-auts-aaaf | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2025-03-28T07:44:28.814068+00:00 | Arch Linux Importer | Fixing | VCID-huby-p431-aaap | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2025-03-28T07:44:28.793295+00:00 | Arch Linux Importer | Fixing | VCID-yrku-ufk1-aaaj | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2025-03-28T07:44:28.774757+00:00 | Arch Linux Importer | Fixing | VCID-qg6r-qqzg-aaag | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2024-09-18T01:59:33.699428+00:00 | Arch Linux Importer | Fixing | VCID-ndqf-auts-aaaf | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-09-18T01:59:33.677867+00:00 | Arch Linux Importer | Fixing | VCID-huby-p431-aaap | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-09-18T01:59:33.652409+00:00 | Arch Linux Importer | Fixing | VCID-yrku-ufk1-aaaj | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-09-18T01:59:33.628346+00:00 | Arch Linux Importer | Fixing | VCID-qg6r-qqzg-aaag | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-01-03T22:25:49.921732+00:00 | Arch Linux Importer | Fixing | VCID-ndqf-auts-aaaf | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |
| 2024-01-03T22:25:49.898976+00:00 | Arch Linux Importer | Fixing | VCID-huby-p431-aaap | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |
| 2024-01-03T22:25:49.871315+00:00 | Arch Linux Importer | Fixing | VCID-yrku-ufk1-aaaj | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |
| 2024-01-03T22:25:49.846675+00:00 | Arch Linux Importer | Fixing | VCID-qg6r-qqzg-aaag | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |