apk package

chainguard/imagemagick-dev

pkg:apk/chainguard/imagemagick-dev

Vulnerabilities (70)

CVE	Sev	CVSS	Affected versions	Published	Description
CVE-2016-10146	Hig	7.5	< 0	Mar 24, 2017	Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-10145	Cri	9.8	< 0	Mar 24, 2017	Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2016-10144	Cri	9.8	< 0	Mar 24, 2017	coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVE-2014-9848	Hig	7.5	< 0	Mar 20, 2017	Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2014-9854	Hig	7.5	< 0	Mar 17, 2017	coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
CVE-2014-9853	Med	5.5	< 0	Mar 17, 2017	Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
CVE-2014-9852	Cri	9.8	< 0	Mar 17, 2017	distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
CVE-2016-10062	Med	5.5	< 0	Mar 2, 2017	The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-5118	Cri	9.8	< 0	Jun 10, 2016	The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a \| (pipe) character at the start of a filename.
CVE-2007-1667		—	< 0	Mar 24, 2007	Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images wi

CVE-2016-10146HigMar 24, 2017
affected < 0fixed 0
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-10145CriMar 24, 2017
affected < 0fixed 0
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2016-10144CriMar 24, 2017
affected < 0fixed 0
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVE-2014-9848HigMar 20, 2017
affected < 0fixed 0
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2014-9854HigMar 17, 2017
affected < 0fixed 0
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
CVE-2014-9853MedMar 17, 2017
affected < 0fixed 0
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
CVE-2014-9852CriMar 17, 2017
affected < 0fixed 0
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
CVE-2016-10062MedMar 2, 2017
affected < 0fixed 0
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2016-5118CriJun 10, 2016
affected < 0fixed 0
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVE-2007-1667Mar 24, 2007
affected < 0fixed 0
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images wi

Page 4 of 4