CVE Tools

thomas boutell

OSS LibrariesUSindividual-dev

6

Cumulative CVEs

4

Monthly snapshots

#102

Peak rank

Top products

gd graphics library3

Latest CVEs

The 15 most recently published vulnerabilities affecting thomas boutell.

CVE-2021-40812The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.6.5Sep 8, 2021
CVE-2021-40145gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has...7.5Aug 26, 2021
CVE-2021-38115read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.6.5Aug 4, 2021
CVE-2017-6363In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since...8.1Feb 27, 2020
CVE-2018-14553gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked w...7.5Feb 11, 2020
CVE-2016-10166Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors rela...9.8Mar 15, 2017
CVE-2016-10168Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks...7.8Mar 15, 2017
CVE-2016-10167The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.5.5Mar 15, 2017
CVE-2016-9317The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.5.5Jan 26, 2017
CVE-2016-6912Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.9.8Jan 26, 2017
CVE-2016-8670Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attacker...9.8Jan 4, 2017
CVE-2016-7568Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of servic...9.8Sep 28, 2016
CVE-2015-8877The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allow...7.5May 22, 2016
CVE-2006-2906The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) v...5.4Jun 8, 2006
CVE-1999-0392Buffer overflow in Thomas Boutell's cgic library version up to 1.05.5.0Sep 29, 1999