cvebase

Debian Libgd2 vulnerabilities

53 known vulnerabilities affecting debian/libgd2.

Total CVEs: 53
CISA KEV: 0
Public exploits: 6
Exploited in wild: 0
Severity breakdown: CRITICAL 9, HIGH 11, MEDIUM 18, LOW 15

Vulnerabilities

Page 3 of 3
CVE-2016-6161 | P4 | MEDIUM | CVSS 6.5 | fixed in libgd2 2.2.1-1 (bookworm) | 2016 | debian
CVE-2016-6161 [MEDIUM] libgd2: The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
Scope: local
bookworm: resolved (fixed in 2.2.1-1); bullseye: resolved (fixed in 2.2.1-1); forky: resolved (fixed in 2.2.1-1); sid: resolved (fixed in 2.2.1-1); trixie: resolved (fixed in 2.2.1-1)
CVE-2016-9317 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016 | debian
CVE-2016-9317 [MEDIUM] libgd2: The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
Scope: local
bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fixed in 2.2.4-1); trixie: resolved (fixed in 2.2.4-1)
CVE-2016-6911 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.3-87-gd0fec80-2 (bookworm) | 2016 | debian
CVE-2016-6911 [MEDIUM] libgd2: The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Scope: local
bookworm: resolved (fixed in 2.2.3-87-gd0fec80-2); bullseye: resolved (fixed in 2.2.3-87-gd0fec80-2); forky: resolved (fixed in 2.2.3-87-gd0fec80-2); sid: resolved (fixed in 2.2.3-
CVE-2006-4484 | P4 | MEDIUM | CVSS 2.6 | fixed in libgd2 2.0.33-5.1 (bookworm) | 2006 | debian
CVE-2006-4484 [LOW] libgd2: Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
Scope: local
bookworm: resolved (fixed in 2.0.33-5.1); bullseye: resolved (fixed in 2
CVE-2007-3472 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-3472 [MEDIUM] libgd2: Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1); forky: resolved (fixed in 2.0.35.dfsg-1); sid: resolved (fixed in 2.0.35.dfsg-1); tr
CVE-2016-10167 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016 | debian
CVE-2016-10167 [MEDIUM] libgd2: The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
Scope: local
bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fixed in 2.2.4-1); trixie: re
CVE-2016-6906 | P4 | MEDIUM | CVSS 5.5 | fixed in libgd2 2.2.4-1 (bookworm) | 2016 | debian
CVE-2016-6906 [MEDIUM] libgd2: The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Scope: local
bookworm: resolved (fixed in 2.2.4-1); bullseye: resolved (fixed in 2.2.4-1); forky: resolved (fixed in 2.2.4-1); sid: resolved (fix
CVE-2007-3477 | P4 | LOW | CVSS 5.0 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-3477 [MEDIUM] libgd2: The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1); forky: resolved (fixed in 2.0.35.dfsg-1); sid: resolved (f
CVE-2007-2445 | P4 | LOW | CVSS 5.0 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-2445 [MEDIUM] libgd2: The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1); forky: resolved (fixed in 2.0.35.dfsg-1); sid:
CVE-2007-2756 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-2756 [MEDIUM] libgd2: The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1); forky: resolved (fixed in 2.0.3
CVE-2007-3476 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-3476 [MEDIUM] libgd2: Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1)
CVE-2007-3478 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-3478 [MEDIUM] libgd2: Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1); forky:
CVE-2007-3475 | P4 | LOW | CVSS 4.3 | fixed in libgd2 2.0.35.dfsg-1 (bookworm) | 2007 | debian
CVE-2007-3475 [MEDIUM] libgd2: The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
Scope: local
bookworm: resolved (fixed in 2.0.35.dfsg-1); bullseye: resolved (fixed in 2.0.35.dfsg-1); forky: resolved (fixed in 2.0.35.dfsg-1); sid: resolved (fixed in 2.0.35.dfsg-1); trixie: resolved (fix