VulnerableCode Package Details - pkg:deb/ubuntu/libgd2@2.2.5-5.2ubuntu2

Search for packages

Package details: pkg:deb/ubuntu/libgd2@2.2.5-5.2ubuntu2

Essentials
History (0)

purl	pkg:deb/ubuntu/libgd2@2.2.5-5.2ubuntu2

Next non-vulnerable version	2.2.5-5.2ubuntu2.1
Latest non-vulnerable version	2.2.5-5.2ubuntu2.1
Risk	3.6

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-11fp-nddr-aaah Aliases: CVE-2021-40145	gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes.	2.2.5-5.2ubuntu2.1 Affected by 0 other vulnerabilities.
VCID-dq4w-ytv8-aaaj Aliases: CVE-2021-38115	read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.	2.2.5-5.2ubuntu2.1 Affected by 0 other vulnerabilities.
VCID-tdps-rxdb-aaar Aliases: CVE-2017-6363	In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'	2.2.5-5.2ubuntu2.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version