Cmb69

**Name of the Vulnerable Software and Affected Versions** GD Graphics Library versions prior to 2.2.4 **Description** The issue is related to insufficient input validation in the `gdImageCreate` function, which can be exploited by remote attackers to cause a denial of service, resulting in a system hang. This can be achieved by using an oversized image. **Recommendations** For versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue. As a temporary workaround, consider validating and limiting the size of input images to prevent oversized images from being processed by the `gdImageCreate` function.

**Name of the Vulnerable Software and Affected Versions** GD Graphics Library versions prior to 2.2.0 PHP versions prior to 5.6.12 **Description** The issue is related to the `gdImageScaleTwoPass` function in the GD Graphics Library, which uses inconsistent memory allocation and deallocation approaches. This inconsistency can be exploited by remote attackers to cause a denial of service through memory consumption. The exploitation can be achieved by making a crafted call to the function, for example, through the PHP `imagescale` function. **Recommendations** For GD Graphics Library versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue. For PHP versions prior to 5.6.12, update to version 5.6.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the `imagescale` function in PHP until the issue is resolved.