CVE-2013-7456

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

References

Affected packages

Debian:11 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}