Imagemagick
(Imagemagick)| Repositories |
•
https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 561 |
| Date | ID | Summary | Products | Score | Patch | |
|---|---|---|---|---|---|---|
| 2019-08-18 | CVE-2019-15139 | The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. | Imagemagick | 6.5 | ||
| 2019-07-07 | CVE-2019-13391 | In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. | Imagemagick | 8.8 | ||
| 2019-07-05 | CVE-2019-13308 | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. | Imagemagick | 8.8 | ||
| 2019-07-01 | CVE-2019-13135 | ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | Imagemagick | 7.8 | ||
| 2019-04-29 | CVE-2019-11598 | In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c. | Imagemagick | 8.1 | ||
| 2018-10-07 | CVE-2018-18025 | In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file. | Debian_linux, Imagemagick | 6.5 | ||
| 2018-09-09 | CVE-2018-16749 | In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2018-09-06 | CVE-2018-16643 | The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2018-05-18 | CVE-2017-18273 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2018-05-18 | CVE-2017-18271 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 |