Imagemagick: >> Imagemagick >> 6.9.10-41 Security Vulnerabilities
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-10-14
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-10-14
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-08-12
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
CVSS Score
8.8
EPSS Score
0.026
Published
2019-07-01
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-07-01
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVSS Score
6.5
EPSS Score
0.015
Published
2019-07-01
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
CVSS Score
9.8
EPSS Score
0.002
Published
2018-09-01
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-09-01
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-19
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS Score
6.5
EPSS Score
0.011
Published
2017-04-20