VulnerableCode Package Details - pkg:alpm/archlinux/gd@2.3.2-4

Search for packages

Vulnerability	Summary	Fixed by
VCID-11fp-nddr-aaah Aliases: CVE-2021-40145	gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes.	2.3.3-1 Affected by 0 other vulnerabilities.
VCID-dq4w-ytv8-aaaj Aliases: CVE-2021-38115	read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.	2.3.3-1 Affected by 0 other vulnerabilities.
VCID-ewmf-ncfy-aaas Aliases: CVE-2021-40812	The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.	2.3.3-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-11fp-nddr-aaah
Aliases:
CVE-2021-40145

gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes.

2.3.3-1
Affected by 0 other vulnerabilities.

VCID-dq4w-ytv8-aaaj
Aliases:
CVE-2021-38115

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

2.3.3-1
Affected by 0 other vulnerabilities.

VCID-ewmf-ncfy-aaas
Aliases:
CVE-2021-40812

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.

2.3.3-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:28.007446+00:00	Arch Linux Importer	Affected by	VCID-dq4w-ytv8-aaaj	https://security.archlinux.org/AVG-2258	36.0.0
2025-03-28T07:46:27.988682+00:00	Arch Linux Importer	Affected by	VCID-11fp-nddr-aaah	https://security.archlinux.org/AVG-2258	36.0.0
2025-03-28T07:46:27.969949+00:00	Arch Linux Importer	Affected by	VCID-ewmf-ncfy-aaas	https://security.archlinux.org/AVG-2258	36.0.0
2024-09-18T02:01:44.691111+00:00	Arch Linux Importer	Affected by	VCID-dq4w-ytv8-aaaj	https://security.archlinux.org/AVG-2258	34.0.1
2024-09-18T02:01:44.670066+00:00	Arch Linux Importer	Affected by	VCID-11fp-nddr-aaah	https://security.archlinux.org/AVG-2258	34.0.1
2024-09-18T02:01:44.645908+00:00	Arch Linux Importer	Affected by	VCID-ewmf-ncfy-aaas	https://security.archlinux.org/AVG-2258	34.0.1
2024-01-03T22:27:50.222893+00:00	Arch Linux Importer	Affected by	VCID-dq4w-ytv8-aaaj	https://security.archlinux.org/AVG-2258	34.0.0rc1
2024-01-03T22:27:50.201170+00:00	Arch Linux Importer	Affected by	VCID-11fp-nddr-aaah	https://security.archlinux.org/AVG-2258	34.0.0rc1
2024-01-03T22:27:50.176994+00:00	Arch Linux Importer	Affected by	VCID-ewmf-ncfy-aaas	https://security.archlinux.org/AVG-2258	34.0.0rc1