Product:

Graphicsmagick

(Graphicsmagick)
Repositories https://github.com/ImageMagick/ImageMagick
#Vulnerabilities 118
Date Id Summary Products Score Patch Annotated
2020-05-06 CVE-2020-12672 GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. Debian_linux, Graphicsmagick, Backports_sle, Leap 7.5
2022-09-28 CVE-2022-1270 In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. Debian_linux, Graphicsmagick 7.8
2023-08-22 CVE-2020-21679 Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. Graphicsmagick 5.5
2016-06-10 CVE-2016-5118 The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. Ubuntu_linux, Debian_linux, Graphicsmagick, Imagemagick, Leap, Opensuse, Linux, Solaris, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Studio_onsite 9.8
2017-02-27 CVE-2016-5240 The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file. Graphicsmagick 5.5
2017-07-26 CVE-2017-11638 GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. Graphicsmagick 8.8
2017-07-26 CVE-2017-11642 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. Graphicsmagick 8.8
2017-07-28 CVE-2017-11722 The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. Graphicsmagick 6.5
2017-08-18 CVE-2017-12935 The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. Debian_linux, Graphicsmagick 8.8
2017-08-18 CVE-2017-12936 The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. Debian_linux, Graphicsmagick 8.8