Product:

Graphicsmagick

(Graphicsmagick)
Repositories https://github.com/ImageMagick/ImageMagick
#Vulnerabilities 116
Date ID Summary Products Score Patch
2020-05-06 CVE-2020-12672 GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. Graphicsmagick N/A
2020-03-24 CVE-2020-10938 GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. Graphicsmagick N/A
2020-03-18 CVE-2019-12921 In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. Graphicsmagick N/A
2018-03-14 CVE-2017-18231 An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file. Debian_linux, Graphicsmagick 6.5
2018-03-14 CVE-2017-18230 An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file. Debian_linux, Graphicsmagick 6.5
2018-03-14 CVE-2017-18229 An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. Debian_linux, Graphicsmagick 6.5
2017-12-27 CVE-2017-17915 In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. Debian_linux, Graphicsmagick 8.8
2017-12-27 CVE-2017-17913 In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. Debian_linux, Graphicsmagick 8.8
2017-12-27 CVE-2017-17912 In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. Debian_linux, Graphicsmagick 8.8
2017-12-20 CVE-2017-17783 In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. Debian_linux, Graphicsmagick 7.5