Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Graphicsmagick
(Graphicsmagick)| Repositories | https://github.com/ImageMagick/ImageMagick |
| #Vulnerabilities | 118 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-02-27 | CVE-2016-5240 | The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file. | Graphicsmagick | 5.5 | ||
| 2017-07-26 | CVE-2017-11638 | GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | Graphicsmagick | 8.8 | ||
| 2017-07-26 | CVE-2017-11642 | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | Graphicsmagick | 8.8 | ||
| 2017-07-28 | CVE-2017-11722 | The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. | Graphicsmagick | 6.5 | ||
| 2017-08-18 | CVE-2017-12935 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | Debian_linux, Graphicsmagick | 8.8 | ||
| 2017-08-18 | CVE-2017-12936 | The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | Debian_linux, Graphicsmagick | 8.8 | ||
| 2017-08-18 | CVE-2017-12937 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | Debian_linux, Graphicsmagick | 8.8 | ||
| 2017-08-22 | CVE-2017-13063 | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | Debian_linux, Graphicsmagick | 6.5 | ||
| 2017-08-22 | CVE-2017-13064 | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | Debian_linux, Graphicsmagick | 6.5 | ||
| 2017-08-22 | CVE-2017-13065 | GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | Debian_linux, Graphicsmagick | 6.5 |