Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Imagemagick
(Imagemagick)| Repositories |
• https://github.com/ImageMagick/ImageMagick
• https://github.com/ImageMagick/ImageMagick6 |
| #Vulnerabilities | 645 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-12-13 | CVE-2016-5689 | The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. | Imagemagick, Solaris | 9.8 | ||
| 2016-12-13 | CVE-2016-5690 | The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table. | Imagemagick, Solaris | 9.8 | ||
| 2016-12-13 | CVE-2016-5691 | The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue. | Imagemagick, Solaris | 9.8 | ||
| 2017-02-17 | CVE-2016-9773 | Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556. | Imagemagick | 5.5 | ||
| 2019-04-23 | CVE-2019-11470 | The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file. | Imagemagick | 6.5 | ||
| 2019-04-23 | CVE-2019-11472 | ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first. | Imagemagick | 6.5 | ||
| 2019-05-09 | CVE-2017-12805 | In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. | Imagemagick | 7.5 | ||
| 2019-05-09 | CVE-2017-12806 | In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. | Imagemagick | 7.5 | ||
| 2019-07-01 | CVE-2019-13135 | ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | Ubuntu_linux, Debian_linux, Big\-Ip_application_acceleration_manager, Big\-Ip_webaccelerator, Imagemagick | 8.8 | ||
| 2019-07-01 | CVE-2019-13136 | ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. | Imagemagick | 7.8 |