VDB
GCVE-110-MAGEIA-2018-367
GCVE-110-MAGEIA-2018-367
Advisory Published
The updated packages fix security vulnerabilities:
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before
5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1,
has an integer signedness error that leads to an infinite loop via a
crafted GIF file, as demonstrated by a call to the imagecreatefromgif or
imagecreatefromstring PHP function. This is related to GetCode_ and
gdImageCreateFromGifCtx (CVE-2018-5711).
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in
gdImageBmpPtr Function that can result in Remote Code Execution . This
attack appear to be exploitable via Specially Crafted Jpeg Image can
trigger double free (CVE-2018-1000222).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libgd | 0 (affected), 2.2.5-2.1.mga6 (unaffected) | — |
Aliases
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.