Search for packages
| purl | pkg:deb/debian/libgd2@2.0.36~rc1~dfsg-5%2Bdeb6u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4mzu-vbm6-k7cz
Aliases: CVE-2016-9317 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-4qdx-hh7p-abas
Aliases: CVE-2019-6977 |
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data. |
Affected by 9 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-4w5h-5yab-skdt
Aliases: CVE-2019-11038 |
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. |
Affected by 2 other vulnerabilities. |
|
VCID-81pa-sz14-vba3
Aliases: CVE-2016-10167 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-91ng-qz1v-2yf3
Aliases: CVE-2015-8874 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-auqd-nyk2-gye7
Aliases: CVE-2018-14553 |
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). |
Affected by 3 other vulnerabilities. |
|
VCID-bcyv-gp2g-8bcn
Aliases: CVE-2014-2497 |
Affected by 33 other vulnerabilities. Affected by 31 other vulnerabilities. |
|
|
VCID-dba7-grfn-vyde
Aliases: CVE-2019-6978 |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. |
Affected by 9 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-gmw6-m6nb-k3hn
Aliases: CVE-2016-5766 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-jxaz-b4aa-jyaa
Aliases: CVE-2017-6363 |
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.' |
Affected by 3 other vulnerabilities. |
|
VCID-kvk5-4x92-53b7
Aliases: CVE-2016-6911 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-mahd-utea-gqdf
Aliases: CVE-2016-5116 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-n5u1-khxk-9ued
Aliases: CVE-2016-10166 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-nf12-9326-hkdg
Aliases: CVE-2015-8877 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-nsh2-4pqj-muex
Aliases: CVE-2017-6362 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
|
VCID-p5ct-3v6k-fbe7
Aliases: CVE-2016-7568 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-ph4j-f15w-1yek
Aliases: CVE-2018-1000222 |
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5. |
Affected by 2 other vulnerabilities. |
|
VCID-qfq2-97fu-9ka9
Aliases: CVE-2016-3074 |
Affected by 33 other vulnerabilities. Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-r9e9-d1xm-13dz
Aliases: CVE-2016-6128 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-rn2u-rk14-83ek
Aliases: CVE-2016-6912 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-rs9e-1wp9-53bf
Aliases: CVE-2016-6132 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-ruts-tjbk-bke3
Aliases: CVE-2016-6207 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-rypm-kqbq-97eq
Aliases: CVE-2017-7890 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
|
VCID-sbmn-xqsa-8uef
Aliases: CVE-2016-9933 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-t8j7-c8bj-kuhp
Aliases: CVE-2016-10168 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-tnse-6k8p-wkah
Aliases: CVE-2016-6214 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-txzr-w2tm-k7bv
Aliases: CVE-2013-7456 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-u2tr-c7qt-9ycm
Aliases: CVE-2018-5711 |
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. |
Affected by 2 other vulnerabilities. |
|
VCID-upmb-zkje-t3cj
Aliases: CVE-2016-8670 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-wk4d-gyju-u7eq
Aliases: CVE-2016-6906 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-xmyy-upvz-skgv
Aliases: CVE-2014-9709 |
Affected by 33 other vulnerabilities. Affected by 31 other vulnerabilities. |
|
|
VCID-yhyy-kwuu-17ff
Aliases: CVE-2016-6161 |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
|
VCID-ymbm-jzkt-kyct
Aliases: CVE-2016-6905 |
gd: Out-of-bounds read in function read_image_tga in gd_tga.c |
Affected by 31 other vulnerabilities. Affected by 9 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||