Description
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Remediation
References
Related Vulnerabilities
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.0.5)
WordPress Plugin Backup Migration Remote Code Execution (1.3.7)
MySQL Other Vulnerability (CVE-2007-5970)
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)