All Products
Document Center

[Vulnerability notice] CVE-2016-3074: DoS vulnerability in GD Graphics Library

Last Updated: Nov 14, 2017


GD Graphics Library (LibGD) is an open source code library for the dynamic creation of images by programmers.

LibGD 2.1.1 has an integer signature error. By constructing compressed gd2 data, remote attackers can start a denial of service attack or run arbitrary code.

Affected versions

LibGD 2.1.1 or earlier versions


  • Use the official patch to re-compile and install LibGD.

  • Upgrade the PHP version.

    • Upgrade the 7.0.x series to 7.0.6 or later.
    • Upgrade the 5.6.x series to 5.6.21 or later.
    • Upgrade the 5.5.x series to 5.5.35 or later.