Vulnerability Details CVE-2022-28463
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f
- https://github.com/ImageMagick/ImageMagick/issues/4988
- https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680
- https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html
- https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html
- https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f
- https://github.com/ImageMagick/ImageMagick/issues/4988
- https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680
- https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html
- https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html
Products affected by CVE-2022-28463
-
cpe:2.3:a:imagemagick:imagemagick:7.1.0-27
-
cpe:2.3:o:debian:debian_linux:9.0