Product:

Imagemagick

(Imagemagick)
Date Id Summary Products Score Patch Annotated
2019-07-09 CVE-2019-13454 ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. Ubuntu_linux, Debian_linux, Imagemagick, Leap 6.5
2023-04-12 CVE-2023-1906 A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. Extra_packages_for_enterprise_linux, Fedora, Imagemagick 5.5
2016-05-05 CVE-2016-3715 The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. Ubuntu_linux, Imagemagick, Leap, Opensuse, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_from_rhui, Enterprise_linux_server_supplementary_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Manager, Manager_proxy, Openstack_cloud 5.5
2016-05-05 CVE-2016-3718 The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. Ubuntu_linux, Imagemagick, Leap, Opensuse, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_from_rhui, Enterprise_linux_server_supplementary_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Manager, Manager_proxy, Openstack_cloud 5.5
2023-11-19 CVE-2023-5341 A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. Extra_packages_for_enterprise_linux, Fedora, Imagemagick 5.5
2016-05-05 CVE-2016-3714 The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick." Ubuntu_linux, Debian_linux, Imagemagick, Leap, Opensuse, Suse_linux_enterprise_server 8.4
2023-05-30 CVE-2023-34152 A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux 9.8
2023-05-30 CVE-2023-34153 A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux 7.8
2023-06-06 CVE-2023-2157 A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. Imagemagick 5.5
2017-03-02 CVE-2016-10062 The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file. Imagemagick 5.5