CVE-2016-6912
CRITICAL9.8EPSS 0.47%Published: 1/26/2017Modified: 4/28/2026
Also known as:ALPINE-CVE-2016-6912DEBIAN-CVE-2016-6912
Description
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.
Affected packages (2)
- Alpine/gdfrom 0, < 2.2.4-r0
- Debian/libgd2from 0, < 2.2.4-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |