Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Graphicsmagick
(Graphicsmagick)Repositories | https://github.com/ImageMagick/ImageMagick |
#Vulnerabilities | 118 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-11-09 | CVE-2017-16669 | coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c. | Debian_linux, Graphicsmagick | 8.8 | ||
2017-09-12 | CVE-2017-14314 | Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-09-06 | CVE-2017-14165 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c. | Graphicsmagick | 6.5 | ||
2017-08-30 | CVE-2017-13777 | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-08-30 | CVE-2017-13776 | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | Debian_linux, Graphicsmagick | 6.5 | ||
2019-04-08 | CVE-2019-11010 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. | Debian_linux, Graphicsmagick, Leap | 6.5 | ||
2019-04-08 | CVE-2019-11006 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. | Debian_linux, Graphicsmagick, Leap | 9.1 | ||
2019-04-08 | CVE-2019-11005 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. | Graphicsmagick, Leap | 9.8 | ||
2018-12-17 | CVE-2018-20189 | In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-08-30 | CVE-2017-14042 | A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. | Graphicsmagick | 6.5 |