gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
PHP
Buffer Overflow
Memory Corruption
Libgd
Debian Linux
+2
NVD
Exploit-DB
CVSS 3.0
8.8
EPSS
64.3%