CVEDB API

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2017-13064

Graphicsmagick » Graphicsmagick » Version: 1.3.26

cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.26
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0