Astra Linux - уязвимость в libgd2

In the GD Graphics Library also known as LibGD, from version 2.2.5 onwards, there is a heap-based buffer over-read issue in tiffWriter within the gdtiff.c file. NOTE: The vendor states that “In my opinion, this issue should not have a CVE, since the GD and GD2 formats are documented as ‘obsolete’...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GD library vulnerabilities (USN-5068-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5068-1 advisory. It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issu...

Heap-based Buffer Overflow

libgd.so is vulnerable to heap-based buffer overflows. The overflows can be triggered when the function gdImageTiffPtr of gdtiff.c reads input images of GD and GD2 formats and does not check the transparent index bounds of the palette. Note: this CVE is disputed because the vendor suggested GD an...

ALPINE-CVE-2017-6363

In the GD Graphics Library aka LibGD through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gdtiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and...