Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Graphicsmagick
(Graphicsmagick)| Repositories | https://github.com/ImageMagick/ImageMagick |
| #Vulnerabilities | 118 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-08-22 | CVE-2017-13066 | GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | Graphicsmagick | 6.5 | ||
| 2017-07-26 | CVE-2017-11641 | GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. | Graphicsmagick | 9.8 | ||
| 2017-07-10 | CVE-2017-11140 | The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. | Graphicsmagick | 5.5 | ||
| 2018-10-21 | CVE-2018-18544 | There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. | Graphicsmagick, Imagemagick, Leap | 6.5 | ||
| 2019-04-08 | CVE-2019-11009 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. | Debian_linux, Graphicsmagick, Leap | 8.1 | ||
| 2017-07-10 | CVE-2017-11139 | GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | Debian_linux, Graphicsmagick | 9.8 | ||
| 2018-01-14 | CVE-2018-5685 | In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value. | Debian_linux, Graphicsmagick | 6.5 | ||
| 2018-01-14 | CVE-2018-5360 | LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. | Graphicsmagick, Libtiff | 8.8 | ||
| 2017-03-14 | CVE-2017-6335 | The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. | Graphicsmagick | 5.5 | ||
| 2017-10-12 | CVE-2017-15277 | ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette. | Graphicsmagick, Imagemagick | 6.5 |