Search CVE reports
1 – 2 of 2 results
Some fixes available 16 of 28
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
6 affected packages
libgd2, php5, php7.0, php7.2, doxygen, php7.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libgd2 | Fixed | Fixed | Fixed | Fixed |
| php5 | Not in release | Not in release | Not in release | Not in release |
| php7.0 | Not in release | Not in release | Not in release | Not in release |
| php7.2 | Not in release | Not in release | Not in release | Not affected |
| doxygen | Vulnerable | Vulnerable | Vulnerable | Not affected |
| php7.3 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 1 of 18
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.
2 affected packages
quantlib-refman-html, doxygen
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| quantlib-refman-html | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| doxygen | Not affected | Not affected | Not affected | Not affected |