apk package
chainguard/graphicsmagick
pkg:apk/chainguard/graphicsmagick
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32460 | — | < 1.3.46-r0 | 1.3.46-r0 | Apr 9, 2025 | GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. | ||
| CVE-2025-27796 | — | < 1.3.46-r0 | 1.3.46-r0 | Mar 7, 2025 | ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. | ||
| CVE-2025-27795 | — | < 1.3.46-r0 | 1.3.46-r0 | Mar 7, 2025 | ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits. | ||
| CVE-2008-6621 | — | < 1.3.45-r30 | 1.3.45-r30 | Apr 6, 2009 | Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information. | ||
| CVE-2007-0770 | — | < 0 | 0 | Feb 12, 2007 | Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an inc |
- CVE-2025-32460Apr 9, 2025affected < 1.3.46-r0fixed 1.3.46-r0
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.
- CVE-2025-27796Mar 7, 2025affected < 1.3.46-r0fixed 1.3.46-r0
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.
- CVE-2025-27795Mar 7, 2025affected < 1.3.46-r0fixed 1.3.46-r0
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.
- CVE-2008-6621Apr 6, 2009affected < 1.3.45-r30fixed 1.3.45-r30
Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information.
- CVE-2007-0770Feb 12, 2007affected < 0fixed 0
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an inc