Lucene search

K
ubuntuUbuntuUSN-4316-1
HistoryApr 02, 2020 - 12:00 a.m.

GD Graphics Library vulnerabilities

2020-04-0200:00:00
ubuntu.com
68

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.013 Low

EPSS

Percentile

86.0%

Releases

  • Ubuntu 19.10
  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM

Packages

  • libgd2 - Open source code library for the dynamic creation of images

Details

It was discovered that GD Graphics Library incorrectly handled cloning an
image. An attacker could possibly use this issue to cause GD Graphics Library
to crash, resulting in a denial of service. (CVE-2018-14553)

It was discovered that GD Graphics Library incorrectly handled loading images
from X bitmap format files. An attacker could possibly use this issue to cause
GD Graphics Library to crash, resulting in a denial of service, or to disclose
contents of the stack that has been left there by previous code. This issue
only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-11038)

OSVersionArchitecturePackageVersionFilename
Ubuntu19.10noarchlibgd-tools< 2.2.5-5.2ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchlibgd-dev< 2.2.5-5.2ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchlibgd-tools-dbgsym< 2.2.5-5.2ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchlibgd3< 2.2.5-5.2ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchlibgd3-dbgsym< 2.2.5-5.2ubuntu0.19.10.1UNKNOWN
Ubuntu18.04noarchlibgd-tools< 2.2.5-4ubuntu0.4UNKNOWN
Ubuntu18.04noarchlibgd-dev< 2.2.5-4ubuntu0.4UNKNOWN
Ubuntu18.04noarchlibgd-tools-dbgsym< 2.2.5-4ubuntu0.4UNKNOWN
Ubuntu18.04noarchlibgd3< 2.2.5-4ubuntu0.4UNKNOWN
Ubuntu18.04noarchlibgd3-dbgsym< 2.2.5-4ubuntu0.4UNKNOWN
Rows per page:
1-10 of 171

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.013 Low

EPSS

Percentile

86.0%