Low: libwmf

🗓️ 27 Oct 2020 00:00:00Reported by AmazonType

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. PHP is unaffected. (CVE-2019-6978

Reporter	Title	Published	Views	Family All 155
IBM Security Bulletins	Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2019-6978, CVE-2019-6977)	7 Dec 202322:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in PHP (CVE-2019-6977) (CVE-2019-6978)	9 Jan 202018:44	–	ibm
Tenable Nessus	Amazon Linux 2 : libwmf (ALAS-2019-1174)	8 Mar 201900:00	–	nessus
Tenable Nessus	Amazon Linux AMI : libwmf (ALAS-2019-1174)	26 Mar 201900:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0054: gd (ALINUX3-SA-2022:0054)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0059: libwmf (ALINUX3-SA-2022:0059)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libwmf (ALSA-2019:2722)	9 Feb 202200:00	–	nessus
Tenable Nessus	AlmaLinux 8 : gd (ALSA-2020:4659)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : libwmf (CESA-2019:2722)	29 Jan 202100:00	–	nessus
Tenable Nessus	CentOS 8 : gd (CESA-2020:4659)	1 Feb 202100:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	libwmf	0.2.8.4-44.amzn2.0.1	libwmf-0.2.8.4-44.amzn2.0.1.aarch64.rpm
Amazon Linux	2	i686	libwmf	0.2.8.4-44.amzn2.0.1	libwmf-0.2.8.4-44.amzn2.0.1.i686.rpm
Amazon Linux	2	x86_64	libwmf	0.2.8.4-44.amzn2.0.1	libwmf-0.2.8.4-44.amzn2.0.1.x86_64.rpm
Amazon Linux	2	aarch64	libwmf-debuginfo	0.2.8.4-44.amzn2.0.1	libwmf-debuginfo-0.2.8.4-44.amzn2.0.1.aarch64.rpm
Amazon Linux	2	i686	libwmf-debuginfo	0.2.8.4-44.amzn2.0.1	libwmf-debuginfo-0.2.8.4-44.amzn2.0.1.i686.rpm
Amazon Linux	2	x86_64	libwmf-debuginfo	0.2.8.4-44.amzn2.0.1	libwmf-debuginfo-0.2.8.4-44.amzn2.0.1.x86_64.rpm
Amazon Linux	2	aarch64	libwmf-devel	0.2.8.4-44.amzn2.0.1	libwmf-devel-0.2.8.4-44.amzn2.0.1.aarch64.rpm
Amazon Linux	2	i686	libwmf-devel	0.2.8.4-44.amzn2.0.1	libwmf-devel-0.2.8.4-44.amzn2.0.1.i686.rpm
Amazon Linux	2	x86_64	libwmf-devel	0.2.8.4-44.amzn2.0.1	libwmf-devel-0.2.8.4-44.amzn2.0.1.x86_64.rpm
Amazon Linux	2	aarch64	libwmf-lite	0.2.8.4-44.amzn2.0.1	libwmf-lite-0.2.8.4-44.amzn2.0.1.aarch64.rpm

23 Sep 2025 00:00Current

9.7High risk

Vulners AI Score9.7

CVSS 27.5

CVSS 39.8

EPSS0.02941

libgd double free gdimage*ptr()gd_gif_out.c gd_jpeg.c gd_wbmp.c php unaffected cve-2019-6978 amazon linux 2 libwmf yum update