rpm package
opensuse/ImageMagick&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.2
Vulnerabilities (45)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27761 | — | < 7.0.7.34-lp152.12.9.1 | 7.0.7.34-lp152.12.9.1 | Dec 3, 2020 | WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instea | ||
| CVE-2020-27760 | — | < 7.0.7.34-lp152.12.9.1 | 7.0.7.34-lp152.12.9.1 | Dec 3, 2020 | In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciproc | ||
| CVE-2020-27759 | — | < 7.0.7.34-lp152.12.9.1 | 7.0.7.34-lp152.12.9.1 | Dec 3, 2020 | In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by | ||
| CVE-2020-19667 | — | < 7.0.7.34-lp152.12.9.1 | 7.0.7.34-lp152.12.9.1 | Nov 20, 2020 | Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | ||
| CVE-2020-27560 | — | < 7.0.7.34-lp152.12.6.1 | 7.0.7.34-lp152.12.6.1 | Oct 22, 2020 | ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service. |
- CVE-2020-27761Dec 3, 2020affected < 7.0.7.34-lp152.12.9.1fixed 7.0.7.34-lp152.12.9.1
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instea
- CVE-2020-27760Dec 3, 2020affected < 7.0.7.34-lp152.12.9.1fixed 7.0.7.34-lp152.12.9.1
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciproc
- CVE-2020-27759Dec 3, 2020affected < 7.0.7.34-lp152.12.9.1fixed 7.0.7.34-lp152.12.9.1
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by
- CVE-2020-19667Nov 20, 2020affected < 7.0.7.34-lp152.12.9.1fixed 7.0.7.34-lp152.12.9.1
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
- CVE-2020-27560Oct 22, 2020affected < 7.0.7.34-lp152.12.6.1fixed 7.0.7.34-lp152.12.6.1
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
Page 3 of 3