CVE-2016-10166

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-10166
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10166.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-10166
Downstream
Related
Published
2017-03-15T15:59:00.267Z
Modified
2026-04-10T03:47:16.348789Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.

References

Affected packages

Git / github.com/libgd/libgd

Affected ranges

Type
GIT
Repo
https://github.com/libgd/libgd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
46ceef5970bf3a847ff61d1bdde7501d66c11d0c
Fixed
60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.2.3"
        }
    ]
}

Affected versions

Other
GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9
gd-2.*
gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.1
gd-2.2.0
gd-2.2.1
gd-2.2.2
gd-2.2.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10166.json"