Lucene search

1193 matches found

OSV
added 2019/09/06 7:15 p.m., 1 view

UBUNTU-CVE-2019-11925

Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all versions between 4.0.0 and 4.8.3, all versions between...

9.8 CVSS, 5.8 AI score, 0.00974 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2019/08/19 8:42 a.m., 2 views

gd: Unsigned integer underflow _gdContributionsAlloc()

Integer underflow in the _gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

9.8 CVSS, 5.9 AI score, 0.06873 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2019/08/19 8:42 a.m., 2 views

gd: Heap-based buffer overflow in gdImageColorMatch() in gd_color_match.c

gdImageColorMatch in gd_color_match.c in the GD Graphics Library aka LibGD 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigg...

8.8 CVSS, 7.7 AI score, 0.87883 EPSS
Exploits: 7, References: 4
Tenable Nessus
added 2019/07/22 12:00 a.m., 36 views

EulerOS 2.0 SP2 : gd (EulerOS-SA-2019-1715)

According to the version of the gd package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is...

9.8 CVSS, 7.1 AI score, 0.02941 EPSS
Exploits: 0, References: 2
CNVD
added 2019/06/24 12:00 a.m., 2 views

GD Graphics Library Double Release Vulnerability

GD Graphics Library libgd or libgd2 is an open source library for dynamically creating images. It supports the creation of charts, graphs, thumbnails and more. A security vulnerability exists in the 'gdImageBmpPt' parameter in GD Graphics Library version 2.2.5 and earlier. The vulnerability...

6.9 AI score
Exploits: 0, References: 1
NVD
added 2019/06/19 12:15 a.m., 25 views

CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

5.3 CVSS, 5.4 AI score, 0.1054 EPSS
Exploits: 1, References: 18
OSV
added 2019/06/19 12:15 a.m., 0 views

UBUNTU-CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

5.3 CVSS, 6.1 AI score, 0.1054 EPSS
Exploits: 1, References: 4
AlpineLinux
added 2019/06/18 11:28 p.m., 47 views

CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

5.3 CVSS, 5.8 AI score, 0.1054 EPSS
Exploits: 1
Debian CVE
added 2019/06/18 11:28 p.m., 37 views

CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

5.3 CVSS, 5.4 AI score, 0.1054 EPSS
Exploits: 1
OSV
added 2019/05/21 12:00 a.m., 0 views

UBUNTU-CVE-2019-11693

The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. Note: this issue only occurs on Linux. Other operating systems are unaffected. This...

9.8 CVSS, 7.6 AI score, 0.0086 EPSS
Exploits: 0, References: 6
OSV
added 2019/05/20 5:29 p.m., 1 view

DEBIAN-CVE-2019-12219

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid free error in the SDL function SDLSetErrorREAL at SDLerror.c...

8.8 CVSS, 7.7 AI score, 0.00769 EPSS
Exploits: 1, References: 1
Veracode
added 2019/05/16 3:00 a.m., 28 views

Denial Of Service (DoS) Through Infinite Loop

PHP is vulnerable to denial-of-service attacks. A remote unauthenticated attacker could cause a denial of service via an infinite loop in the imagecreatefromgif/imagecreatefromstring function in ext/gd/libgd/gdgifin.c. The affected component is GD Graphics Library...

5.5 CVSS, 6.4 AI score, 0.10274 EPSS
Exploits: 1, References: 13, Affected Software: 3
Veracode
added 2019/05/16 2:59 a.m., 25 views

Information Disclosure

PHP is vulnerable to information disclosure. The vulnerability exists in gdImageCreateFromGifCtx in the GD Graphics Library used in PHP. An attacker could use a specially crafted GIF image and read up to 762 bytes from the stack...

6.5 CVSS, 7.9 AI score, 0.30217 EPSS
Exploits: 0, References: 12, Affected Software: 2
Veracode
added 2019/05/16 2:59 a.m., 26 views

Denial Of Service (DoS) Through Memory Corruption

PHP is vulnerable to denial-of-service (DoS) attacks. This occurs in the gdImageFillToBorder function in gd.c in the GD Graphics Library when passing a negative integer as the color parameter. A remote attacker could force a negative color identifier when calling the function which may crash the PHP...

7.5 CVSS, 8.2 AI score, 0.08286 EPSS
Exploits: 0, References: 17, Affected Software: 1
OpenVAS
added 2019/05/07 12:00 a.m., 70 views

Fedora Update for cairo FEDORA-2018-3a195026f5

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5 CVSS, 6.8 AI score, 0.00303 EPSS
Exploits: 0, References: 2
Veracode
added 2019/05/02 6:37 a.m., 18 views

Denial Of Service (DoS)

Mozilla Thunderbird is vulnerable to a buffer overflow. This occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. An incorrect value is passed within the library during checks, resulting in a potentially exploitable crash...

9.8 CVSS, 9.4 AI score, 0.12063 EPSS
Exploits: 0, References: 14, Affected Software: 2
OSV
added 2019/04/04 2:15 p.m., 24 views

OPENSUSE-SU-2019:1148-1 Security update for gd

This update for gd fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow in the GD Graphics Library used in the imagecolormatch function bsc1123361. - CVE-2019-6978: Fixed a double free in the gdImagePtr functions bsc1123522. This update was imported...

9.8 CVSS, 9.6 AI score, 0.87883 EPSS
Exploits: 7, References: 5
Tenable Nessus
added 2019/04/04 12:00 a.m., 28 views

EulerOS Virtualization 2.5.4 : gd (EulerOS-SA-2019-1250)

According to the version of the gd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is...

9.8 CVSS, 7.1 AI score, 0.02941 EPSS
Exploits: 0, References: 2
Gentoo Linux
added 2019/04/02 12:00 a.m., 89 views

Cairo: Denial of service

Background Cairo is a 2D vector graphics library with cross-device output support. Description Multiple vulnerabilities have been discovered in Cairo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There ...

7.5 CVSS, 2.7 AI score, 0.00358 EPSS
Exploits: 1
Tenable Nessus
added 2019/03/28 12:00 a.m., 51 views

SUSE SLED15 / SLES15 Security Update : gd (SUSE-SU-2019:0771-1)

This update for gd fixes the following issues : Security issues fixed : CVE-2019-6977: Fixed a heap-based buffer overflow in the GD Graphics Library used in the imagecolormatch function bsc1123361. CVE-2019-6978: Fixed a double free in the gdImagePtr functions bsc1123522. Note that Tenable Network...

9.8 CVSS, 7.3 AI score, 0.87883 EPSS
Exploits: 7, References: 7