CVE-2017-6363
27.02.2020, 05:15
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'Enginsight
| Vendor | Product | Version |
|---|---|---|
| libgd | libgd | 𝑥 ≤ 2.2.5 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libgd2 |
| ||||||||||||||||||||||||||
| php5 |
| ||||||||||||||||||||||||||
| php7.0 |
| ||||||||||||||||||||||||||
| php7.2 |
| ||||||||||||||||||||||||||
| php7.3 |
| ||||||||||||||||||||||||||
| php7.4 |
|
Common Weakness Enumeration