4 matches found
EUVD-2026-41901
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
Mandriva Security Advisory MDVSA-2009:284-1 (gd)
The remote host is missing an update to gd announced via advisory MDVSA-2009:284-1. OpenVAS Vulnerability Test $Id: mdksa20092841.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:284-1 gd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability - Linux
GD Graphics Library is prone to a buffer overflow vulnerability. This VT may create FP and LSC SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
DEBIAN-CVE-2009-3546
The gdGetColors function in gdgd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...