Fluid Attacks Database

Description

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.5	gd	=2.0.35-r0 \|\| =2.0.35-r1 \|\| =2.0.35-r2 \|\| =2.0.36_rc1-r1 \|\| =2.0.36_rc1-r2 \|\| =2.0.36_rc1-r3 \|\| =2.0.36_rc1-r4 \|\| =2.0.36_rc1-r5 \|\| =2.0.36_rc1-r6 \|\| =2.0.36_rc1-r7 \|\| =2.0.36_rc1-r8 \|\| =2.0.36_rc1-r9 \|\| =2.1.0-r0 \|\| =2.1.0-r1 \|\| =2.1.1-r0 \|\| =2.2.1-r0 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| >=0 <2.2.5-r0	2.2.5-r0
alpine v3.4	gd	=2.0.35-r0 \|\| =2.0.35-r1 \|\| =2.0.35-r2 \|\| =2.0.36_rc1-r1 \|\| =2.0.36_rc1-r2 \|\| =2.0.36_rc1-r3 \|\| =2.0.36_rc1-r4 \|\| =2.0.36_rc1-r5 \|\| =2.0.36_rc1-r6 \|\| =2.0.36_rc1-r7 \|\| =2.0.36_rc1-r8 \|\| =2.0.36_rc1-r9 \|\| =2.1.0-r0 \|\| =2.1.0-r1 \|\| =2.1.1-r0 \|\| =2.2.1-r0 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| >=0 <2.2.5-r0	2.2.5-r0
debian 11	libgd2	>=0 <2.2.5-1	2.2.5-1
alpine v3.6	gd	=2.0.35-r0 \|\| =2.0.35-r1 \|\| =2.0.35-r2 \|\| =2.0.36_rc1-r0 \|\| =2.0.36_rc1-r1 \|\| =2.0.36_rc1-r2 \|\| =2.0.36_rc1-r3 \|\| =2.0.36_rc1-r4 \|\| =2.0.36_rc1-r5 \|\| =2.0.36_rc1-r6 \|\| =2.0.36_rc1-r7 \|\| =2.0.36_rc1-r8 \|\| =2.0.36_rc1-r9 \|\| =2.1.0-r0 \|\| =2.1.0-r1 \|\| =2.1.1-r0 \|\| =2.2.1-r0 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.4-r1 \|\| =2.2.4-r2 \|\| >=0 <2.2.5-r0	2.2.5-r0
debian 12	libgd2	>=0 <2.2.5-1	2.2.5-1
rpm rhel5	libwmf	-	-
debian 14	libgd2	>=0 <2.2.5-1	2.2.5-1
debian 13	libgd2	>=0 <2.2.5-1	2.2.5-1
rpm rhel6	libwmf	-	-
rpm rhel7	gd	-	-

1-10 of 17

Aliases

1. CVE-2017-63622. NVD-2017-63623. OSV-ALPINE-2017-63624. OSV-2017-63625. OSV-DEBIAN-2017-63626. SECURITY-CVE-2017-63627. SECURITY-TRACKER-CVE-2017-6362

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.