VYPR

rpm package

opensuse/ImageMagick&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Tumbleweed

Vulnerabilities (152)

  • CVE-2019-15139Aug 18, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a diffe

  • CVE-2019-13311Jul 5, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.

  • CVE-2019-13306Jul 5, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.

  • CVE-2019-13301Jul 5, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.

  • CVE-2019-13296Jul 5, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.

  • CVE-2019-13134Jul 1, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.

  • CVE-2019-12976Jun 26, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.

  • CVE-2019-11506Apr 24, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. Thi

  • CVE-2019-11007Apr 8, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.

  • CVE-2019-7398Feb 5, 2019
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

  • CVE-2018-17966Oct 3, 2018
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.

  • CVE-2018-16641Sep 6, 2018
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.

  • CVE-2018-16328Sep 1, 2018
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.

  • CVE-2018-14434Jul 20, 2018
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.

  • CVE-2018-10805May 8, 2018
    affected < 7.1.0.9-1.1fixed 7.1.0.9-1.1

    ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

  • CVE-2018-9135Mar 30, 2018
    affected < 7.1.0.8-1.2fixed 7.1.0.8-1.2

    In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.

  • CVE-2016-5118CriJun 10, 2016
    affected < 6.9.6.6-1.1fixed 6.9.6.6-1.1

    The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

  • CVE-2016-3718MedKEVMay 5, 2016
    affected < 6.9.6.6-1.1fixed 6.9.6.6-1.1

    The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

  • CVE-2016-3717MedMay 5, 2016
    affected < 6.9.6.6-1.1fixed 6.9.6.6-1.1

    The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

  • CVE-2016-3716LowMay 5, 2016
    affected < 6.9.6.6-1.1fixed 6.9.6.6-1.1

    The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

Page 7 of 8