Imagemagick: Security Vulnerabilities
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-01-05
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
CVSS Score
6.5
EPSS Score
0.007
Published
2018-01-05
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-01-05
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
CVSS Score
8.8
EPSS Score
0.017
Published
2018-01-05
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-03
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
CVSS Score
6.5
EPSS Score
0.018
Published
2018-01-02
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-01-01
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-12-27
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-12-27
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
CVSS Score
8.8
EPSS Score
0.011
Published
2017-12-27