MGASA-2019-0073
Advisory lineage Upstream: 2 Downstream: 0
Upstream
Published: 13 Feb 2019, 11:08
Last modified:16 Apr 2026, 04:26
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
13 Feb 2019, 11:08
Published
Vulnerability first disclosed
16 Apr 2026, 04:26
Last Modified
Vulnerability information updated
Description
Updated libgd packages fix security vulnerability gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5 has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger calls to the function with crafted image data (CVE-2019-6977). The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978).
Affected Systems
- mageia•libgd
< 2.2.5-2.3.mga6