Debian Libgd2 vulnerabilities

57 known vulnerabilities affecting debian/libgd2.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL9HIGH11MEDIUM18LOW19

Vulnerabilities

Page 3 of 3

CVE-2009-3546MEDIUMCVSS 7.5fixed in libgd2 2.0.36~rc1~dfsg-3.1 (bookworm)2009

CVE-2009-3546 [HIGH] CVE-2009-3546: libgd2 - The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and t... The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtaine

debian

CVE-2008-5498LOWCVSS 5.0PoC2008

CVE-2008-5498 [MEDIUM] CVE-2008-5498: libgd2 - Array index error in the imageRotate function in PHP 5.2.8 and earlier allows co... Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

debian

CVE-2007-3996MEDIUMCVSS 6.8fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3996 [MEDIUM] CVE-2007-3996: libgd2 - Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers t... Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function. Scope:

debian

CVE-2007-1001MEDIUMCVSS 6.8PoCfixed in libgd2 2.0.33-1 (bookworm)2007

CVE-2007-1001 [MEDIUM] CVE-2007-1001: libgd2 - Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in w... Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values. Scope: local bookworm: resolved (fixed in 2.0.33-1) bullseye: resolved (fixed

debian

CVE-2007-2756LOWCVSS 4.3fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-2756 [MEDIUM] CVE-2007-2756: libgd2 - The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cau... The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolved (fixed in 2.0.3

debian

CVE-2007-3475LOWCVSS 4.3fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3475 [MEDIUM] CVE-2007-3475: libgd2 - The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attack... The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolved (fixed in 2.0.35.dfsg-1) sid: resolved (fixed in 2.0.35.dfsg-1) trixie: resolved (fix

debian

CVE-2007-3473LOWCVSS 4.3PoCfixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3473 [MEDIUM] CVE-2007-3473: libgd2 - The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 a... The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolved (fixed in 2.0.35.dfsg-1) sid: resolved

debian

CVE-2007-0455LOWCVSS 7.5fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-0455 [HIGH] CVE-2007-0455: libgd2 - Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Libra... Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolv

debian

CVE-2007-2445LOWCVSS 5.0fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-2445 [MEDIUM] CVE-2007-2445: libgd2 - The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x bef... The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolved (fixed in 2.0.35.dfsg-1) sid:

debian

CVE-2007-3476LOWCVSS 4.3fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3476 [MEDIUM] CVE-2007-3476: libgd2 - Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.3... Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1)

debian

CVE-2007-3477LOWCVSS 5.0fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3477 [MEDIUM] CVE-2007-3477: libgd2 - The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd)... The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolved (fixed in 2.0.35.dfsg-1) sid: resolved (f

debian

CVE-2007-3478LOWCVSS 4.3fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3478 [MEDIUM] CVE-2007-3478: libgd2 - Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graph... Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky:

debian

CVE-2007-3472LOWCVSS 4.3fixed in libgd2 2.0.35.dfsg-1 (bookworm)2007

CVE-2007-3472 [MEDIUM] CVE-2007-3472: libgd2 - Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (... Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. Scope: local bookworm: resolved (fixed in 2.0.35.dfsg-1) bullseye: resolved (fixed in 2.0.35.dfsg-1) forky: resolved (fixed in 2.0.35.dfsg-1) sid: resolved (fixed in 2.0.35.dfsg-1) tr

debian

CVE-2006-4484MEDIUMCVSS 2.6fixed in libgd2 2.0.33-5.1 (bookworm)2006

CVE-2006-4484 [LOW] CVE-2006-4484: libgd2 - Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the ... Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array. Scope: local bookworm: resolved (fixed in 2.0.33-5.1) bullseye: resolved (fixed in 2

debian

CVE-2006-2906LOWCVSS 5.4PoCfixed in libgd2 2.0.33-5 (bookworm)2006

CVE-2006-2906 [MEDIUM] CVE-2006-2906: libgd2 - The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell g... The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop. Scope: local bookworm: resolved (fixed in 2.0.33-5) bullseye: resolved (fixed in 2.0.33-5) forky: resolved (fixed in 2.0

debian

CVE-2004-0990CRITICALCVSS 10.0PoCfixed in libgd2 2.0.30-1 (bookworm)2004

CVE-2004-0990 [CRITICAL] CVE-2004-0990: libgd2 - Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly othe... Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.

debian

CVE-2004-0941CRITICALCVSS 10.0fixed in libgd2 2.0.33-1.1 (bookworm)2004

CVE-2004-0941 [CRITICAL] CVE-2004-0941: libgd2 - Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier ... Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. Scope: local bookworm: resolved (fixed in 2.0.33-1.1) bullseye: resolved (fixe

debian

← Previous3 / 3