0.013 Low
EPSS
Percentile
86.0%
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
bugzilla.redhat.com/show_bug.cgi?id=1600727
nvd.nist.gov/vuln/detail/CVE-2018-14553
www.cve.org/CVERecord?id=CVE-2018-14553