Imagemagick: >> Imagemagick >> 5.3.0 Security Vulnerabilities
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
CVSS Score
8.8
EPSS Score
0.013
Published
2020-02-06
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-02-06
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS Score
6.5
EPSS Score
0.01
Published
2020-02-06
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-10-14
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-10-14
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
CVSS Score
8.8
EPSS Score
0.018
Published
2019-07-01
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-07-01
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVSS Score
6.5
EPSS Score
0.012
Published
2019-07-01
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-04-30
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-04-02