Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-04-20 | CVE-2015-8959 | coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file. | Imagemagick | 6.5 | ||
| 2017-03-24 | CVE-2017-5510 | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | Debian_linux, Imagemagick | 7.8 | ||
| 2017-03-24 | CVE-2017-5509 | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. | Imagemagick | 7.8 | ||
| 2017-12-11 | CVE-2017-17499 | ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. | Ubuntu_linux, Debian_linux, Imagemagick | 9.8 | ||
| 2017-09-07 | CVE-2017-14174 | In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2017-11-05 | CVE-2017-16546 | The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file. | Ubuntu_linux, Debian_linux, Imagemagick | 8.8 | ||
| 2017-03-24 | CVE-2017-5507 | Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. | Debian_linux, Imagemagick | 7.5 | ||
| 2017-05-22 | CVE-2017-9144 | In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | Debian_linux, Imagemagick | 6.5 | ||
| 2017-05-22 | CVE-2017-9143 | In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. | Debian_linux, Imagemagick | 6.5 | ||
| 2017-05-22 | CVE-2017-9142 | In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. | Debian_linux, Imagemagick | 6.5 |