Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2021-40812
HistorySep 08, 2021 - 12:00 a.m.

CVE-2021-40812

2021-09-0800:00:00
ubuntu.com
ubuntu.com
12

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read
because of the lack of certain gdGetBuf and gdPutBuf return value checks.

Notes

Author Note
mdeslaur php uses the system libgd2
leosilva the fix proposed is a partial one that address BMP and WebP but not GIF. no complete fix available from upstream as of 2021-11-08
rodrigo-zaiden still no complete fix from upstream as of 2022-11-25.

Related

nessus 10
openvas 11
prion 1
cnvd 1
osv 2
debiancve 1
suse 1
mageia 1
cbl_mariner 2
cve 1
photon 3
debian 1
nessus
nessus
EulerOS 2.0 SP9 : gd (EulerOS-SA-2022-1024)
2022-01-28 00:00:00
SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2021:3214-1)
2021-09-24 00:00:00
openSUSE 15 Security Update : gd (openSUSE-SU-2021:3236-1)
2021-09-28 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0449)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3214-1)
2021-09-24 00:00:00
openSUSE: Security Advisory for gd (openSUSE-SU-2021:3236-1)
2021-09-28 00:00:00
prion
prion
Out-of-bounds
2021-09-08 21:15:00
cnvd
cnvd
Libgd out-of-bounds read vulnerability (CNVD-2021-93898)
2021-09-09 00:00:00
osv
osv
CVE-2021-40812
2021-09-08 21:15:14
libgd2 - security update
2024-04-07 00:00:00
debiancve
debiancve
CVE-2021-40812
2021-09-08 21:15:00
suse
suse
Security update for gd (moderate)
2021-09-27 00:00:00
mageia
mageia
Updated libgd packages fix security vulnerability
2021-09-29 20:22:22
cbl_mariner
cbl_mariner
CVE-2021-40812 affecting package gd for versions less than 2.3.3-1
2022-06-26 03:29:37
CVE-2021-40812 affecting package gd 2.3.0-2.4
2021-12-17 20:09:30
cve
cve
CVE-2021-40812
2021-09-08 21:15:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-4.0-0438
2023-07-27 00:00:00
Moderate Photon OS Security Update - PHSA-2023-3.0-0612
2023-07-13 00:00:00
Critical Photon OS Security Update - PHSA-2021-0406
2021-10-20 00:00:00
debian
debian
[SECURITY] [DLA 3781-1] libgd2 security update
2024-04-06 23:26:18

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON
Related for UB:CVE-2021-40812
nessus10openvas11prion1cnvd1osv2debiancve1suse1mageia1cbl_mariner2cve1photon3debian1