CVE-2016-6912

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-6912

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6912.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-6912

Related

Published

2017-01-26T15:59:00Z

Modified

2024-09-18T02:13:30.603861Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.

References

Affected packages

Alpine:v3.3 / gd

Package

Name: gd
Purl: pkg:apk/alpine/gd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.4-r0

Affected versions

2.*

2.0.35-r0

2.0.35-r1

2.0.35-r2

2.0.36_rc1-r1

2.0.36_rc1-r2

2.0.36_rc1-r3

2.0.36_rc1-r4

2.0.36_rc1-r5

2.0.36_rc1-r6

2.0.36_rc1-r7

2.0.36_rc1-r8

2.0.36_rc1-r9

2.1.0-r0

2.1.0-r1

2.1.1-r0

2.1.1-r1

2.1.1-r2

Alpine:v3.4 / gd

Package

Name: gd
Purl: pkg:apk/alpine/gd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.4-r0

Affected versions

2.*

2.0.35-r0

2.0.35-r1

2.0.35-r2

2.0.36_rc1-r1

2.0.36_rc1-r2

2.0.36_rc1-r3

2.0.36_rc1-r4

2.0.36_rc1-r5

2.0.36_rc1-r6

2.0.36_rc1-r7

2.0.36_rc1-r8

2.0.36_rc1-r9

2.1.0-r0

2.1.0-r1

2.1.1-r0

2.2.1-r0

2.2.3-r0

2.2.3-r1

Alpine:v3.5 / gd

Package

Name: gd
Purl: pkg:apk/alpine/gd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.4-r0

Affected versions

2.*

2.0.35-r0

2.0.35-r1

2.0.35-r2

2.0.36_rc1-r1

2.0.36_rc1-r2

2.0.36_rc1-r3

2.0.36_rc1-r4

2.0.36_rc1-r5

2.0.36_rc1-r6

2.0.36_rc1-r7

2.0.36_rc1-r8

2.0.36_rc1-r9

2.1.0-r0

2.1.0-r1

2.1.1-r0

2.2.1-r0

2.2.3-r0

2.2.3-r1

Debian:11 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libgd2

Package

Name: libgd2
Purl: pkg:deb/debian/libgd2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/libgd/libgd

Affected ranges

Type: GIT
Repo: https://github.com/libgd/libgd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a49feeae76d41959d85ee733925a4cf40bac61b2

Affected versions

Other

GD_1_3_0

GD_1_4_0

GD_1_5_0

GD_1_6_0

GD_1_6_1

GD_1_6_2

GD_1_6_3

GD_1_7_0

GD_1_7_1

GD_1_7_2

GD_1_7_3

GD_1_8_0

GD_1_8_1

GD_1_8_3

GD_1_8_4

GD_2_0_0

GD_2_0_1

GD_2_0_10

GD_2_0_11

GD_2_0_12

GD_2_0_13

GD_2_0_14

GD_2_0_15

GD_2_0_17

GD_2_0_18

GD_2_0_19

GD_2_0_2

GD_2_0_20

GD_2_0_21

GD_2_0_22

GD_2_0_23

GD_2_0_24

GD_2_0_25

GD_2_0_26

GD_2_0_27

GD_2_0_28

GD_2_0_29

GD_2_0_3

GD_2_0_30

GD_2_0_31

GD_2_0_32

GD_2_0_33

GD_2_0_34RC1

GD_2_0_4

GD_2_0_5

GD_2_0_6

GD_2_0_7

GD_2_0_8

GD_2_0_9

gd-2.*

gd-2.1.0

gd-2.1.0-alpha1

gd-2.1.0-rc1

gd-2.1.0-rc2

gd-2.1.1

gd-2.2.0

gd-2.2.1