Description
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Remediation
References
Related Vulnerabilities
MyBB CVE-2015-2786 Vulnerability (CVE-2015-2786)
WordPress Plugin Adminer Cross-Site Scripting (1.4.2)
WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (4.2)
Jenkins CVE-2023-27902 Vulnerability (CVE-2023-27902)
WordPress Plugin FG Joomla to WordPress Cross-Site Scripting (3.30.0)