Description
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server Other Vulnerability (CVE-2020-35166)
WordPress Plugin Export Users to CSV CSV Injection (1.1.1)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1488)
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)
WordPress Plugin Basic Dev Tools Multiple Cross-Site Scripting Vulnerabilities (1.4.1)