Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-03-07 | CVE-2019-7175 | In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.5 | ||
| 2019-07-01 | CVE-2019-13137 | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2019-04-02 | CVE-2019-10714 | LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV. | Imagemagick | 6.5 | ||
| 2017-08-28 | CVE-2017-12877 | Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2017-08-28 | CVE-2017-12876 | Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | Imagemagick | 6.5 | ||
| 2017-07-19 | CVE-2017-11448 | The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | Imagemagick | 6.5 | ||
| 2019-02-05 | CVE-2019-7396 | In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.5 | ||
| 2019-02-05 | CVE-2019-7395 | In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.5 | ||
| 2017-05-19 | CVE-2017-9098 | ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. | Debian_linux, Graphicsmagick, Imagemagick | 7.5 | ||
| 2017-01-18 | CVE-2016-6823 | Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write. | Imagemagick | 7.5 |