Product:

Graphicsmagick

(Graphicsmagick)
Repositories https://github.com/ImageMagick/ImageMagick
#Vulnerabilities 116
Date Id Summary Products Score Patch Annotated
2017-05-19 CVE-2017-9098 ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. Debian_linux, Graphicsmagick, Imagemagick 7.5
2019-02-05 CVE-2019-7397 In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. Ubuntu_linux, Debian_linux, Graphicsmagick, Imagemagick, Leap 7.5
2018-12-17 CVE-2018-20184 In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification. Debian_linux, Graphicsmagick 6.5
2018-12-17 CVE-2018-20185 In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. Ubuntu_linux, Debian_linux, Graphicsmagick N/A
2020-05-06 CVE-2020-12672 GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. Graphicsmagick N/A
2020-03-24 CVE-2020-10938 GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. Graphicsmagick N/A
2020-03-18 CVE-2019-12921 In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. Graphicsmagick N/A
2018-03-14 CVE-2017-18231 An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file. Debian_linux, Graphicsmagick 6.5
2018-03-14 CVE-2017-18230 An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file. Debian_linux, Graphicsmagick 6.5
2018-03-14 CVE-2017-18229 An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. Debian_linux, Graphicsmagick 6.5