4 matches found
CVE-2026-55380
Pillow (Python imaging library) vulnerability: Prior to 12.3.0, in GdImageFile._open(), image dimensions were read from the GD 2.x header and stored in self._size without invoking Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation. Impact: potent...
Malicious code in gd-header (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f4633cf317e4b2fdcf4a02c42b75cdaf9615270767e8b0d7489d7a40a922f15 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3308 Malicious code in gd-header (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f4633cf317e4b2fdcf4a02c42b75cdaf9615270767e8b0d7489d7a40a922f15 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
UBUNTU-CVE-2016-5766
Integer overflow in the gd2GetHeader function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly ha...