Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-03-01 | CVE-2017-18211 | In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. | Ubuntu_linux, Imagemagick | 9.8 | ||
| 2018-03-01 | CVE-2017-18209 | In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. | Ubuntu_linux, Imagemagick | 8.8 | ||
| 2017-12-27 | CVE-2017-17914 | In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2017-12-14 | CVE-2017-17682 | In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2017-10-12 | CVE-2017-15281 | ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)." | Ubuntu_linux, Imagemagick | 8.8 | ||
| 2017-10-05 | CVE-2017-15017 | ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c. | Ubuntu_linux, Imagemagick | 8.8 | ||
| 2017-10-05 | CVE-2017-15015 | ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c. | Ubuntu_linux, Imagemagick | 8.8 | ||
| 2017-09-26 | CVE-2017-14741 | The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file. | Imagemagick | 6.5 | ||
| 2017-09-26 | CVE-2017-14739 | The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors. | Imagemagick | 7.5 | ||
| 2017-09-21 | CVE-2017-14626 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. | Ubuntu_linux, Imagemagick | 9.8 |