Fabio Cabral Pacheco

**Name of the Vulnerable Software and Affected Versions** libgd versions 2.1.0-rc2 through 2.2.5 **Description** The issue is related to a NULL pointer dereference in the `gdImageClone` function of the libgd library, specifically in the gd.c component. This allows a remote attacker to cause a denial of service by crashing an application through a specific sequence of function calls. It is noted that this only affects PHP when it is linked with an external libgd library, not when libgd is bundled with PHP. **Recommendations** For libgd versions 2.1.0-rc2 through 2.2.5, consider updating to a version where this issue is fixed, as the current version allows attackers to crash applications via specific function calls. At the moment, there is no information about a newer version that contains a fix for this vulnerability.