Rooney

#29314 of 53,635
8.8 CVSS total
Vulnerabilities · 1
PT-2018-2553
8.8
2018-07-14
Gd · Libgd · CVE-2018-1000222
**Name of the Vulnerable Software and Affected Versions**

Libgd version 2.2.5

**Description**

The issue is related to a Double Free Vulnerability in the `gdImageBmpPtr` function, which can result in Remote Code Execution. This can be triggered by a specially crafted JPEG image, causing a double free. The vulnerability appears to have been fixed after a specific commit.

**Recommendations**

For Libgd version 2.2.5, update to a version that includes the fix after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5 to resolve the issue. As a temporary workaround, consider restricting the use of the `gdImageBmpPtr` function until a patch is available. Avoid using specially crafted JPEG images that can trigger the double free vulnerability.