Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-05-11 | CVE-2021-20311 | A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability. | Imagemagick | 7.5 | ||
| 2018-12-26 | CVE-2018-20467 | In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2018-09-09 | CVE-2018-16750 | In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. | Ubuntu_linux, Imagemagick | 6.5 | ||
| 2017-08-30 | CVE-2017-13768 | Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2018-09-09 | CVE-2018-16749 | In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2017-01-18 | CVE-2016-7101 | The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. | Imagemagick | 6.5 | ||
| 2019-03-07 | CVE-2019-7175 | In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.5 | ||
| 2019-07-01 | CVE-2019-13137 | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2019-04-02 | CVE-2019-10714 | LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV. | Imagemagick | 6.5 | ||
| 2017-08-28 | CVE-2017-12877 | Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 |