Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-05 | CVE-2019-13306 | ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.8 | ||
| 2019-07-05 | CVE-2019-13307 | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.8 | ||
| 2019-07-05 | CVE-2019-13309 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2019-07-05 | CVE-2019-13311 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2016-05-05 | CVE-2016-3716 | The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. | Ubuntu_linux, Imagemagick, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation | 3.3 | ||
| 2016-05-05 | CVE-2016-3717 | The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. | Ubuntu_linux, Imagemagick, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation | 5.5 | ||
| 2016-12-23 | CVE-2016-8707 | An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality. | Debian_linux, Imagemagick | 7.8 | ||
| 2019-12-24 | CVE-2019-19948 | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 9.8 | ||
| 2019-12-24 | CVE-2019-19949 | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 9.1 | ||
| 2019-09-23 | CVE-2019-16708 | ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 |