Critical severity9.8NVD Advisory· Published Jan 26, 2017· Updated May 13, 2026

CVE-2016-6912

Description

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.

Affected products

Libgd/Libgd
cpe:2.3:a:libgd:libgd:*:*:*:*:*:*:*:*
Range: <=2.2.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.mdnvdPatchRelease Notes
github.com/libgd/libgd/commit/a49feeae76d41959d85ee733925a4cf40bac61b2nvdPatchVendor Advisory
www.debian.org/security/2017/dsa-3777nvd
www.securityfocus.com/bid/95843nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000