Debian Libgd2 vulnerabilities
53 known vulnerabilities affecting debian/libgd2.
Total CVEs: 53
CISA KEV: 0
Public exploits: 6
Exploited in wild: 0
Severity breakdown: CRITICAL 9, HIGH 11, MEDIUM 18, LOW 15
Vulnerabilities
Page 3 of 3
CVE-2016-6161 | P4 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.1-1 (bookworm) | 2016
CVE-2016-6161 [MEDIUM] CVE-2016-6161: libgd2 - The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allow...
The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
Scope: local
bookworm: resolved (fixed in 2.2.1-1)
bullseye: resolved (fixed in 2.2.1-1)
forky: resolved (fixed in 2.2.1-1)
sid: resolved (fixed in 2.2.1-1)
trixie: resolved (fixed in 2.2.1-1)
CVE-2016-9317 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-9317 [MEDIUM] CVE-2016-9317: libgd2 - The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 a...
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
Scope: local
bookworm: resolved (fixed in 2.2.4-1)
bullseye: resolved (fixed in 2.2.4-1)
forky: resolved (fixed in 2.2.4-1)
sid: resolved (fixed in 2.2.4-1)
trixie: resolved (fixed in 2.2.4-1)
CVE-2016-6911 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.3-87-gd0fec80-2 (bookworm) | 2016
CVE-2016-6911 [MEDIUM] CVE-2016-6911: libgd2 - The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 a...
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Scope: local
bookworm: resolved (fixed in 2.2.3-87-gd0fec80-2)
bullseye: resolved (fixed in 2.2.3-87-gd0fec80-2)
forky: resolved (fixed in 2.2.3-87-gd0fec80-2)
sid: resolved (fixed in 2.2.3-
CVE-2006-4484 | P4 | MEDIUM | CVSS 2.6 | fixed in libgd2 2.0.33-5.1 (bookworm) | 2006
CVE-2006-4484 [LOW] CVE-2006-4484: libgd2 - Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the ...
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
Scope: local
bookworm: resolved (fixed in 2.0.33-5.1)
bullseye: resolved (fixed in 2
CVE-2007-3472 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-3472 [MEDIUM] CVE-2007-3472: libgd2 - Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (...
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
forky: resolved (fixed in 2.0.35.dfsg-1)
sid: resolved (fixed in 2.0.35.dfsg-1)
tr
CVE-2016-10167 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-10167 [MEDIUM] CVE-2016-10167: libgd2 - The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka...
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
Scope: local
bookworm: resolved (fixed in 2.2.4-1)
bullseye: resolved (fixed in 2.2.4-1)
forky: resolved (fixed in 2.2.4-1)
sid: resolved (fixed in 2.2.4-1)
trixie: re
CVE-2016-6906 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016
CVE-2016-6906 [MEDIUM] CVE-2016-6906: libgd2 - The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) b...
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Scope: local
bookworm: resolved (fixed in 2.2.4-1)
bullseye: resolved (fixed in 2.2.4-1)
forky: resolved (fixed in 2.2.4-1)
sid: resolved (fix
CVE-2007-3477 | P4 | LOW | CVSS 5.0 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-3477 [MEDIUM] CVE-2007-3477: libgd2 - The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd)...
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
forky: resolved (fixed in 2.0.35.dfsg-1)
sid: resolved (f
CVE-2007-2445 | P4 | LOW | CVSS 5.0 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-2445 [MEDIUM] CVE-2007-2445: libgd2 - The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x bef...
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
forky: resolved (fixed in 2.0.35.dfsg-1)
sid:
CVE-2007-2756 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-2756 [MEDIUM] CVE-2007-2756: libgd2 - The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cau...
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
forky: resolved (fixed in 2.0.3
CVE-2007-3476 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-3476 [MEDIUM] CVE-2007-3476: libgd2 - Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.3...
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
CVE-2007-3478 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-3478 [MEDIUM] CVE-2007-3478: libgd2 - Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graph...
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
forky:
CVE-2007-3475 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007
CVE-2007-3475 [MEDIUM] CVE-2007-3475: libgd2 - The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attack...
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1)
bullseye: resolved (fixed in 2.0.35.dfsg-1)
forky: resolved (fixed in 2.0.35.dfsg-1)
sid: resolved (fixed in 2.0.35.dfsg-1)
trixie: resolved (fix