CVE-2017-6362

Опубликовано: 07 сент. 2017

Источник: debian

EPSS Низкий

Описание

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libgd2	fixed	2.2.5-1		package

Примечания

https://github.com/libgd/libgd/issues/381
https://github.com/libgd/libgd/commit/56ce6ef068b954ad28379e83cca04feefc51320c

EPSS

Процентиль: 84%

0.02144

Низкий

Связанные уязвимости

CVE-2017-6362

CVSS3: 7.5

ubuntu

больше 8 лет назад

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

CVE-2017-6362

CVSS3: 5.3

redhat

больше 8 лет назад

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

CVE-2017-6362

CVSS3: 7.5

nvd

больше 8 лет назад

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

openSUSE-SU-2018:0151-1

suse-cvrf

около 8 лет назад

Security update for gd

SUSE-SU-2018:0135-1

suse-cvrf

около 8 лет назад

Security update for gd

EPSS

Процентиль: 84%

0.02144

Низкий