CVE-2016-6912

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-6912
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6912.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-6912
Downstream
Related
Published
2017-01-26T15:59:00Z
Modified
2025-10-21T03:55:48.283032Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.

References

Affected packages

Git / github.com/libgd/libgd

Affected ranges

Type
GIT
Repo
https://github.com/libgd/libgd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a49feeae76d41959d85ee733925a4cf40bac61b2

Affected versions

Other

GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9

gd-2.*

gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.0-rc2
gd-2.1.1
gd-2.2.0
gd-2.2.1

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "gdImageWebpPtrEx",
            "file": "src/gd_webp.c"
        },
        "id": "CVE-2016-6912-1ceb8d47",
        "digest": {
            "length": 256.0,
            "function_hash": "194432856202509582634112016709099942790"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "gdImageWebpPtr",
            "file": "src/gd_webp.c"
        },
        "id": "CVE-2016-6912-20b19685",
        "digest": {
            "length": 240.0,
            "function_hash": "263634395288281089245221440233268892526"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "src/gd_webp.c"
        },
        "id": "CVE-2016-6912-30a6f371",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "226314011694864228167121923027072676514",
                "115891090990414782721042074415808808664",
                "270550999008250903546546363122334472610",
                "165035331840864166232396677569735442872",
                "323194074526845233823034554452783681031",
                "253159594288061037863152020671000092132",
                "220517490509686932254282566371139298574",
                "229024611823301256720504633326486924855",
                "49350847470409066424325355585297459511",
                "260685879039915097948098926222053984946",
                "80524107107104510786750792924489434959",
                "273920153783671096898495713177099510304",
                "69301396884102556819709729200885743669",
                "260430200314915306155554693107514655915",
                "130992913157959465600679689363344875169",
                "125391211917661101081359825220659571510",
                "150572221959291443726484044644651843020",
                "297535411690312047760653308665145846319",
                "283264013521419496612609659629020243789",
                "328056028472638930341876244520354393728",
                "154522361093626086693412344659889424850",
                "282195283766107171985828581911887524314",
                "280000238423449248337798522931759000892",
                "259156017841268588407719744615079970615",
                "207969707468940408532219620355239705606",
                "165401882145534654389883252474120674586",
                "178052543393676222313287489654570762649",
                "306914893761560154472273876944749538878",
                "314637351373374929740629063029290356424",
                "146836403968990295987137183590878464831",
                "54845465767489718514097200569403208876",
                "192424367647884477848594017894819999824",
                "103168787477525203127270943579605278386",
                "156292238637150279986861036642602915326",
                "146457078312660000339683892432143312280",
                "5494202239218623657594591341794605167",
                "86421550382363043592400574939183248125",
                "62229571860490416194336729379296103642",
                "294822212921089678973169151982996393032",
                "117898169068602156424053768469772240017",
                "187569784449927878788942257498495164918",
                "130019454264095873297394408555768060885",
                "91031455532836974043864731255011363812",
                "187132299941885825493426592059706116319",
                "294295043922203891838814395406559701457",
                "195352474555395787924998801864664744670",
                "259757342006937158645403180877644294105",
                "113470114409076747680286142819285863266",
                "143503727441512041150586793506095820968",
                "138673491214596323821530352149190715675",
                "285888797987962732229995715833398004374",
                "77206147269506535706208285659459403687",
                "113470114409076747680286142819285863266"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "gdImageWebpCtx",
            "file": "src/gd_webp.c"
        },
        "id": "CVE-2016-6912-ee5bd5eb",
        "digest": {
            "length": 1241.0,
            "function_hash": "149436322919130083630709859127553216096"
        },
        "signature_type": "Function"
    }
]