Search CVE reports
31 – 40 of 58 results
CVE-2016-6128
Medium priorityThe gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Fixed |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2016-5766
Medium priorityInteger overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of...
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Fixed |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2016-5116
Low prioritygd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service...
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Fixed |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2013-7456
Low prioritygd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly...
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Not affected |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2015-8877
Low priorityThe gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a...
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Fixed |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2015-8874
Low priorityStack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Fixed |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2016-3074
Medium priorityInteger signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers...
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Fixed |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2016-1903
Low prioritySome fixes available 2 of 3
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service...
3 affected packages
libgd2, php5, php7.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Not affected |
| php5 | — | — | — | — | Not in release |
| php7.0 | — | — | — | — | Not affected |
CVE-2014-9709
Low prioritySome fixes available 2 of 4
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF...
2 affected packages
libgd2, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | Not affected |
| php5 | — | — | — | — | Not in release |
CVE-2014-5120
Medium prioritygd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application...
2 affected packages
libgd2, php5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libgd2 | — | — | — | — | — |
| php5 | — | — | — | — | — |