Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-5711

Опубликовано: 16 янв. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.5

Описание

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

2.2.5-4ubuntu0.2
cosmic

released

2.2.5-4ubuntu1
devel

released

2.2.5-4ubuntu1
disco

released

2.2.5-4ubuntu1
eoan

released

2.2.5-4ubuntu1
esm-infra-legacy/trusty

not-affected

2.1.0-3ubuntu0.10
esm-infra/bionic

not-affected

2.2.5-4ubuntu0.2
esm-infra/focal

not-affected

2.2.5-4ubuntu1
esm-infra/xenial

not-affected

2.1.1-4ubuntu0.16.04.10

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

uses system gd
esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

esm-infra/xenial

not-affected

uses system gd
focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

uses system gd
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.06075
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-5711

CVSS3: 4.3
redhat
больше 7 лет назад

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

nvd логотип

CVE-2018-5711

CVSS3: 5.5
nvd
больше 7 лет назад

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

debian логотип

CVE-2018-5711

CVSS3: 5.5
debian
больше 7 лет назад

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP bef ...

suse-cvrf логотип

openSUSE-SU-2018:0316-1

suse-cvrf
больше 7 лет назад

Security update for gd

suse-cvrf логотип

SUSE-SU-2018:0260-1

suse-cvrf
больше 7 лет назад

Security update for gd

EPSS

Процентиль: 90%
0.06075
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3