CVE-2021-40812

Опубликовано: 08 сент. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.

Ссылки

https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9
Patch
Third Party Advisory
https://github.com/libgd/libgd/issues/750#issuecomment-914872385
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00003.html
https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9
Patch
Third Party Advisory
https://github.com/libgd/libgd/issues/750#issuecomment-914872385
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/04/msg00003.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*

Версия до 2.3.2 (включая)

EPSS

Процентиль: 37%

0.0016

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2021-40812

CVSS3: 6.5

ubuntu

больше 4 лет назад

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.

CVE-2021-40812

CVSS3: 6.5

msrc

около 4 лет назад

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.

CVE-2021-40812

CVSS3: 6.5

debian

больше 4 лет назад

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds ...

openSUSE-SU-2021:3236-1

suse-cvrf

больше 4 лет назад

Security update for gd

SUSE-SU-2021:3236-1

suse-cvrf

больше 4 лет назад

Security update for gd

EPSS

Процентиль: 37%

0.0016

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125