Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-09-21 | CVE-2017-14625 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. | Ubuntu_linux, Imagemagick | 9.8 | ||
| 2017-09-21 | CVE-2017-14624 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. | Ubuntu_linux, Imagemagick | 9.8 | ||
| 2017-09-18 | CVE-2017-14532 | ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. | Ubuntu_linux, Imagemagick | 9.8 | ||
| 2017-09-17 | CVE-2017-14505 | DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input. | Imagemagick | 6.5 | ||
| 2017-09-12 | CVE-2017-14400 | In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. | Imagemagick | 6.5 | ||
| 2017-09-11 | CVE-2017-14249 | ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file. | Imagemagick | 6.5 | ||
| 2017-08-31 | CVE-2017-14060 | In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file. | Ubuntu_linux, Imagemagick | 6.5 | ||
| 2017-08-24 | CVE-2017-13658 | In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c. | Imagemagick | 6.5 | ||
| 2017-08-23 | CVE-2017-13133 | In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file. | Imagemagick | 6.5 | ||
| 2017-08-22 | CVE-2017-13061 | In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file. | Imagemagick | 6.5 |