Imagemagick: Security Vulnerabilities
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS Score
6.5
EPSS Score
0.01
Published
2020-02-06
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-12-24
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
CVSS Score
9.1
EPSS Score
0.003
Published
2019-12-24
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-12-24
imagemagick 6.8.9.6 has remote DOS via infinite loop
CVSS Score
6.5
EPSS Score
0.01
Published
2019-12-15
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-11-11
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-10-14
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-10-14
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-10-14
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-09-23