Description
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
Remediation
References
Related Vulnerabilities
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1999044)
Plone CMS CVE-2011-2528 Vulnerability (CVE-2011-2528)
WordPress Plugin Daily Prayer Time Cross-Site Scripting (2023.03.20)
WordPress Plugin 3D Slider Slice Box Multiple Cross-Site Scripting Vulnerabilities (1.0)