Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Graphicsmagick
(Graphicsmagick)Repositories | https://github.com/ImageMagick/ImageMagick |
#Vulnerabilities | 118 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-08-23 | CVE-2017-13648 | In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. | Graphicsmagick | 6.5 | ||
2017-08-29 | CVE-2017-13736 | There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | Graphicsmagick | 6.5 | ||
2017-08-29 | CVE-2017-13737 | There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-08-30 | CVE-2017-13775 | GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-09-17 | CVE-2017-14504 | ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-09-21 | CVE-2017-14649 | ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash). | Graphicsmagick | 5.5 | ||
2017-09-25 | CVE-2017-14733 | ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-10-04 | CVE-2017-14994 | ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-10-04 | CVE-2017-14997 | GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. | Debian_linux, Graphicsmagick | 6.5 | ||
2017-10-11 | CVE-2017-15238 | ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. | Debian_linux, Graphicsmagick | 8.8 |