Lucene search

Veracode Vulnerability DatabaseVERACODE:25353

HistoryMay 10, 2020 - 11:27 p.m.

Denial Of Service (DoS)

2020-05-1023:27:44

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.007 Low

EPSS

Percentile

80.5%

JSON

gd is vulnerable to denial of service(DoS). The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.

CPENameOperatorVersion
gd:3.3eq2.1.1-r2
gd:3.3eq2.1.1-r2

CPE	Name	Operator	Version
	gd:3.3	eq	2.1.1-r2
	gd:3.3	eq	2.1.1-r2

References

www.debian.org/security/2017/dsa-3777

www.securityfocus.com/bid/96503

github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md

github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558

github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415

0.007 Low

EPSS

Percentile

80.5%

JSON

Related for VERACODE:25353