PatchSiren

Libgd CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Libgd CVE published 2017-01-26

CVE-2016-9317

CVE-2016-9317 is a denial-of-service issue in libgd before 2.2.4. According to the NVD description, an oversized image can cause gdImageCreate to hang the system. Because libgd is commonly used to process image content, the risk is highest in applications that accept untrusted images, where an attacker controls the dimensions the library is asked to allocate. The CVE was published on 2017-01-26, and the NVD entry points to the libgd 2.2.4 changelog and the corresponding fixing comm [truncated]
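
A caller-side guard of the kind a practitioner would put in front of gdImageCreate when the dimensions come from untrusted input. This is an added example written for this debrief, not libgd code and not the upstream fix; the policy values (maximum side, pixel budget, bytes per pixel) and the function and type names are assumptions chosen for illustration. It rejects oversized requests before any allocation and checks every multiplication for wraparound, so the same guard also covers the general case of width/height values chosen to overflow a size computation.

```c
/* dim_guard.c: caller-side dimension check before handing width/height to
 * an image library. Example code added to this debrief; not libgd source.
 * Build: cc -std=c99 -Wall dim_guard.c -o dim_guard && ./dim_guard
 */
#include <stdint.h>
#include <stdio.h>

/* Site policy for accepted images. Values are example assumptions,
 * not libgd defaults. */
struct dim_policy {
    uint64_t max_side;        /* longest accepted side, in pixels */
    uint64_t max_pixels;      /* total pixel budget per image */
    uint64_t bytes_per_pixel; /* 4 for a truecolor image stored as one int per pixel */
};

enum dim_verdict {
    DIM_OK = 0,
    DIM_NONPOSITIVE,    /* zero or negative side */
    DIM_SIDE_TOO_LARGE, /* a side exceeds max_side */
    DIM_OVERFLOW,       /* width*height*bytes_per_pixel would not fit in size_t */
    DIM_OVER_BUDGET     /* pixel count exceeds max_pixels */
};

/* Policies used by main() below (assumed values). */
const struct dim_policy default_policy   = { 16384, 64ULL << 20, 4 };
const struct dim_policy unbounded_policy = { UINT64_MAX, UINT64_MAX, 4 };

/* Decide whether (width, height) may be passed to the allocator.
 * Every multiplication is preceded by a check that it cannot wrap. */
enum dim_verdict check_image_dims(long long width, long long height,
                                  const struct dim_policy *p)
{
    if (width <= 0 || height <= 0)
        return DIM_NONPOSITIVE;

    uint64_t w = (uint64_t)width;
    uint64_t h = (uint64_t)height;
    uint64_t bpp = p->bytes_per_pixel ? p->bytes_per_pixel : 1;

    if (w > p->max_side || h > p->max_side)
        return DIM_SIDE_TOO_LARGE;

    /* w * h must fit in 64 bits (h > 0 here, so the division is safe). */
    if (w > UINT64_MAX / h)
        return DIM_OVERFLOW;
    uint64_t pixels = w * h;

    /* pixels * bpp must fit in size_t, the type an allocator takes. */
    if (pixels > (uint64_t)SIZE_MAX / bpp)
        return DIM_OVERFLOW;

    if (pixels > p->max_pixels)
        return DIM_OVER_BUDGET;

    return DIM_OK;
}

const char *dim_verdict_name(enum dim_verdict v)
{
    switch (v) {
    case DIM_OK:             return "ok";
    case DIM_NONPOSITIVE:    return "non-positive dimension";
    case DIM_SIDE_TOO_LARGE: return "side exceeds policy";
    case DIM_OVERFLOW:       return "size computation would overflow";
    case DIM_OVER_BUDGET:    return "pixel budget exceeded";
    }
    return "unknown";
}

int main(void)
{
    /* Constructed sample dimensions, as if parsed from an upload's header. */
    const long long samples[][2] = {
        { 640, 480 }, { 8192, 8192 }, { 16384, 16384 },
        { 100000, 100 }, { 0, 10 }, { -1, 5 },
    };
    size_t n = sizeof samples / sizeof samples[0];
    for (size_t i = 0; i < n; i++) {
        enum dim_verdict v = check_image_dims(samples[i][0], samples[i][1],
                                              &default_policy);
        printf("%7lld x %-7lld -> %s\n", samples[i][0], samples[i][1],
               dim_verdict_name(v));
        /* Only on DIM_OK would the caller go on to gdImageCreate or
         * gdImageCreateTrueColor with these values. */
    }
    return 0;
}
```

The pixel budget, not the per-side cap, is what bounds memory and CPU: a 16384 x 16384 request passes the side check but is still refused because it would mean 256 Mpixel. The overflow checks matter when the policy is loosened; with an unbounded policy they are the only thing that stops width*height or width*height*4 from wrapping to a small allocation.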

CRITICAL Libgd CVE published 2017-01-26

CVE-2016-6912

CVE-2016-6912 is a critical double-free vulnerability in libgd’s gdImageWebPtr function, triggered by large width and height values. According to the NVD record, it affects libgd before 2.2.4 and is fixed in 2.2.4. NVD rates it CVSS 3.0 9.8 (critical): network attack vector, low attack complexity, no privileges and no user interaction required, with unspecified impact, so it should be treated as potentially more than a crash.

MEDIUM Libgd CVE published 2017-01-26

CVE-2016-6911

CVE-2016-6911 is a medium-severity out-of-bounds read in libgd before 2.2.4. According to the NVD description, the dynamicGetbuf function can be reached with a crafted TIFF image and read out of bounds, resulting in denial of service.