Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-23 | CVE-2019-16711 | ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2019-09-23 | CVE-2019-16713 | ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2022-03-23 | CVE-2021-4219 | A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system. | Imagemagick | 5.5 | ||
| 2019-09-23 | CVE-2019-16709 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. | Ubuntu_linux, Imagemagick, Backports, Leap | 6.5 | ||
| 2019-09-23 | CVE-2019-16712 | ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. | Imagemagick, Leap | 6.5 | ||
| 2021-11-19 | CVE-2021-3962 | A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | Imagemagick | 7.8 | ||
| 2019-04-30 | CVE-2019-10131 | An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. | Ubuntu_linux, Debian_linux, Imagemagick, Leap, Enterprise_linux | 7.1 | ||
| 2019-07-01 | CVE-2019-13133 | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. | Imagemagick, Leap | 5.5 | ||
| 2019-07-01 | CVE-2019-13134 | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. | Imagemagick, Leap | 5.5 | ||
| 2020-12-08 | CVE-2020-25663 | A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects... | Imagemagick | 5.5 |