Description
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
Remediation
References
Related Vulnerabilities
SharePoint CVE-2021-28478 Vulnerability (CVE-2021-28478)
Magento Session Fixation Vulnerability (CVE-2019-8116)
WordPress Plugin My Tickets Cross-Site Request Forgery (1.9.10)
WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)
PHP Improper Handling of Exceptional Conditions Vulnerability (CVE-2014-1943)