Search for packages
| purl | pkg:alpm/archlinux/gd@2.2.5-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-huby-p431-aaap
Aliases: CVE-2018-5711 |
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. |
Affected by 0 other vulnerabilities. |
|
VCID-ndqf-auts-aaaf
Aliases: CVE-2018-1000222 |
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5. |
Affected by 0 other vulnerabilities. |
|
VCID-qg6r-qqzg-aaag
Aliases: CVE-2019-6978 |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. |
Affected by 0 other vulnerabilities. |
|
VCID-yrku-ufk1-aaaj
Aliases: CVE-2019-6977 |
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:44:28.829422+00:00 | Arch Linux Importer | Affected by | VCID-ndqf-auts-aaaf | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2025-03-28T07:44:28.807357+00:00 | Arch Linux Importer | Affected by | VCID-huby-p431-aaap | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2025-03-28T07:44:28.788384+00:00 | Arch Linux Importer | Affected by | VCID-yrku-ufk1-aaaj | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2025-03-28T07:44:28.769853+00:00 | Arch Linux Importer | Affected by | VCID-qg6r-qqzg-aaag | https://security.archlinux.org/AVG-865 | 36.0.0 |
| 2024-09-18T01:59:33.694525+00:00 | Arch Linux Importer | Affected by | VCID-ndqf-auts-aaaf | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-09-18T01:59:33.672903+00:00 | Arch Linux Importer | Affected by | VCID-huby-p431-aaap | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-09-18T01:59:33.647442+00:00 | Arch Linux Importer | Affected by | VCID-yrku-ufk1-aaaj | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-09-18T01:59:33.623133+00:00 | Arch Linux Importer | Affected by | VCID-qg6r-qqzg-aaag | https://security.archlinux.org/AVG-865 | 34.0.1 |
| 2024-01-03T22:25:49.916811+00:00 | Arch Linux Importer | Affected by | VCID-ndqf-auts-aaaf | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |
| 2024-01-03T22:25:49.894139+00:00 | Arch Linux Importer | Affected by | VCID-huby-p431-aaap | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |
| 2024-01-03T22:25:49.866503+00:00 | Arch Linux Importer | Affected by | VCID-yrku-ufk1-aaaj | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |
| 2024-01-03T22:25:49.841688+00:00 | Arch Linux Importer | Affected by | VCID-qg6r-qqzg-aaag | https://security.archlinux.org/AVG-865 | 34.0.0rc1 |