VDB

ALPINE-CVE-2021-38115

ALPINE-CVE-2021-38115 PUBLISHED CVSS 6.5 MEDIUM

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.23gd0, 2.0.35-r0, 2.0.35-r1
Alpine:v3.17gd0, 2.3.0-r0, 2.2.5-r2
Alpine:v3.18gd0, 2.3.0-r0, 2.2.5-r2
Alpine:v3.12gd2.2.4-r2, 2.2.5-r2, 2.2.5-r1
Alpine:v3.20gd2.0.35-r0, 2.0.35-r1, 2.0.35-r2
Alpine:v3.14gd2.0.35-r2, 0, 2.0.35-r0
Alpine:v3.13gd2.0.35-r0, 2.0.35-r2, 2.0.36_rc1-r0
Alpine:v3.21gd2.0.35-r0, 2.0.35-r1, 2.0.35-r2
Alpine:v3.16gd2.0.35-r1, 2.3.0-r0, 2.2.5-r2
Alpine:v3.19gd2.0.35-r2, 2.0.36_rc1-r0, 2.0.36_rc1-r3
Alpine:v3.11gd2.2.5-r3, 0, 2.0.35-r0
Alpine:v3.15gd2.0.35-r1, 0, 2.0.35-r2
Alpine:v3.22gd2.2.5-r2, 2.0.35-r1, 0

Timeline

  • Aug 4, 2021 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›